Hi all,
I have admin panel that was done in Yii and that web app is hosted on my resource server. I have separate identity server hosting all user information and Yii models and controllers for Users. Now I am switching whole admin panel to Angular but I want to keep functionalities such as model creation/update and call it via APIs. I already made some APIs for front-end for displaying data. The problem is I want to implement RBAC for my users, so only some users could access certain pages. I have 3 questions:
-
What would be a good idea to solve RBAC problem, because I do have separate servers (resource and identity). All Users are on identity server, and all apps and controllers which need access control are on my resource server?
-
Currently I have static login to my old Yii admin panel. When I am not logged in I can not display pages for creation of some models. Because I am switching admin panel to fronted what is the best idea to implement API Login, so I can access create/update pages for my models after I log in via API Login.
-
After successful implementation of point 2, is it possible to keep CRUD functions for my model and access it via APIs from Angular?
Any ideas are welcome.
Thank you.