O'Reilly logo

Hands-On Full Stack Web Development with Aurelia by Erikson Haziz Murrugarra Sifuentes, Diego Jose Arguelles Rojas

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Creating the Admin API

In order to understand how authorization works, let's implement a basic Admin API that will be accessed only by the administrator of our site. Our application has two principal types of users:

  • Normal: This user is able to see the featured matches and the score
  • Admin: This user is responsible to create new matches and update the score

We will use two open source NPM modules to manage the restriction workflow in our backend. The following diagram explains this flow in more detail:

Everything starts with a user request that tries to access a restricted endpoint. The backend first validates whether a valid token is present ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required