Frontend and Backend Session Handling
#1

I'm building an ecommerce application with frontend and backend parts. There are frontend and backend controllers for separating these two within the same application. I'm using Ion Auth for authentication and extended this library for user roles and privileges management.
For handling customer and backend user logins, I'm using the same Ion Auth library. Therefore, customers and users reside in the Ion Auth users table. Customer-specific data is stored in a separate customer table.

If a user has successfully logged in to the backend, I'm checking that he is a real user and not a customer with a flag in the users table, using the Ion Auth login hook. Next, I'm checking their privileges within each backend controller function.

Now I need to know whether my approach is good enough for an ecommerce application or any application with a frontend and a secure backend. I would like to know any drawbacks of my method from the experts.
And I think I do not need to handle sessions separately for customers and users, which becomes cumbersome in the end, as pointed out by others.

Let me know your insight.
Founder - CSoft Lanka