re: Implementing Impersonation VIEW POST

FULL DISCUSSION
 

This article emphasizes one important concept: Security by design. You can’t simply add some library or enable some flags later on after implementing a system without security in mind.
One interesting takeaway for me was to use a separate models for Admin and User. Most often I saw implementations just having a flag or more permissions.

code of conduct - report abuse