JiayangYing / CITS3403_PRO


Implement Access Control for /seller Route Based on User Role #60

Closed JiayangYing closed 6 months ago

JiayangYing commented 6 months ago

Description

We need to enhance the /seller route in our web application to introduce role-based access control. The goal is to ensure that only users with the "seller" role can view the products they are selling. If a user is not a seller, the system should respond with a 404 error page.

Requirements

Role Verification: Implement a check to determine if the current user has the "seller" role when they attempt to access the /seller endpoint.

Fetch Products: If the user is verified as a seller, fetch and return all products associated with this seller in a structured format (e.g., JSON or an HTML page listing the products).

Handle Unauthorized Access: If the user does not have the "seller" role, return a 404.html page to indicate that the requested resource is not available.

Expected Behavior

Authorized Access (/seller): For users with the "seller" role, display all their products. The page should be user-friendly and include relevant product details such as name, price, and description.
Unauthorized Access (/seller): For users without the "seller" role, redirect to a 404.html page, ensuring that the user is informed about the unavailability of the requested page.
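
The role check and per-seller product lookup requested in this issue, as an added framework-independent example that is not taken from the CITS3403_PRO code base. `User`, `role_required`, `seller_route`, `PRODUCTS` and the sample rows are hypothetical names and constructed data; the handler is assumed to receive the user loaded from the server-side session and to return a `(status, body)` pair.

```python
import json
from dataclasses import dataclass
from functools import wraps
from typing import Optional

# Constructed sample data; a real application would query its own database.
PRODUCTS = [
    {"id": 1, "seller_id": 10, "name": "Desk lamp", "price": 25.0, "description": "LED lamp"},
    {"id": 2, "seller_id": 11, "name": "Backpack", "price": 40.0, "description": "20 L pack"},
    {"id": 3, "seller_id": 10, "name": "Notebook", "price": 3.5, "description": "A5, ruled"},
]

@dataclass(frozen=True)
class User:
    id: int
    role: str  # loaded server-side from the session, never from request parameters

NOT_FOUND = (404, "404.html")  # identical response for every denied request

def role_required(role):
    """Return the 404 page unless the authenticated user holds `role`."""
    def decorator(view):
        @wraps(view)
        def wrapper(user: Optional[User], *args, **kwargs):
            # Anonymous and wrong-role users get the same answer, so the
            # response does not reveal that the route exists.
            if user is None or user.role != role:
                return NOT_FOUND
            return view(user, *args, **kwargs)
        return wrapper
    return decorator

@role_required("seller")
def seller_route(user: User):
    """Handler for /seller: list only the products owned by this seller."""
    # Filter on the session user's id. A seller id read from the query
    # string would let one seller read another seller's listings.
    own = [
        {k: p[k] for k in ("name", "price", "description")}
        for p in PRODUCTS if p["seller_id"] == user.id
    ]
    return (200, json.dumps(own))
```

The role comparison is exact and case-sensitive, so a role value such as "Seller" is denied rather than silently accepted.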
JiayangYing commented 6 months ago

closed #64