Lucas-W
commented
6 years ago 1fbbdbcedff900792dcb03caa7f9259d053a663d req.payload.isAdmin does this. Can't restrict on the frontend, only redirect and not send data from backend.
Closed Aidan275 closed 6 years ago
Lucas-W
commented
6 years ago 1fbbdbcedff900792dcb03caa7f9259d053a663d req.payload.isAdmin does this. Can't restrict on the frontend, only redirect and not send data from backend.
Need to make changes to the authentication in the backend for the API calls to distinguish between roles and to the front end to restrict certain routes for certain user roles (maybe - depending on the different privileges and access the different roles permit).