Optimial way of handling two types of users (authorisation)
I have two types of users, who can all do some operations, but each have their own unique set if pages/operations they can complete.
For the operations, I am adding a simple check against their property, and I am redirecting off unauthorised pages manually.
What I'm primarily asking is that if there's a simple way of blocking access to all routes matching a certain pattern unless a user matches certain requirements? Eg users marked as "creator" should only be able to access routes that are under "/creator/"
For the operations, I am adding a simple check against their property, and I am redirecting off unauthorised pages manually.
What I'm primarily asking is that if there's a simple way of blocking access to all routes matching a certain pattern unless a user matches certain requirements? Eg users marked as "creator" should only be able to access routes that are under "/creator/"
