Web development expert and teams manager with over twenty years experience in the industry.
In many projects, there are authentication processes (more or less). A lot of “best practices” were written in all known technologies and so on, and so forth.
But what happens after the user made the login? After all, he by far cannot do everything. How to define what he can see and what not. What buttons he has the rights to click on, what to change, create and delete.
In this talk, I want to consider the approach used for solving these problems in a web application.