I’m developing an website where i want guests/or public users (who aren’t validated) to be treated as a special guest user without logging in. This would be one role of many, others being, unvalidated, banned, member, admin, etc etc. I’ve got three main tables linked to this usage, the sessions table, users table and the members table, session table works in that it stores a session via the yii barebones app, u’ve also made a member table who have more stores detail to the user table, which will have email address, username, password etc. The member table is foreign keyd to the users table via the userID and the session table is linked to the users table (remembering there is a public user that isn’t a member) via the userID. Does this seem overkill?
I don’t know enough about rbac and i’ve read up loads, but still fail to grasp. Can anyone confirm they get what I am trying to achieve? And think of a way forward for me?