How do you prevent people from reaching certain routes, for example, edit and delete, if they are not registered, or not authorized?
In other words, how can I make it so that the router rejects or redirects calls like:
http://appname.com/#/photo/1/edit
without duplicating the validation logic?
What I see as a very buzzing problem is the following: if I go to the aforementioned URL, my router method won’t bother to fetch info from the server if I have the photo model already (because this is what stateful apps should do, right). However, now there is completely no way to tell if the current user is the owner of the photo (to be able to edit), unless the router method checks explicitly if their IDs match … which is already duplication of the validation logic (because the server always makes a validation).
Dilemmas like this are simply ruining my day.
Your models shouldn’t be doing any authentication logic. If you have the logic in your server-side code, what’s the problem? Your server should return unauthorized (401 or something similar), and then your model can respond appropriately (e.g., printing an error message to the user).
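An added example, not from the original posts: a plain-JavaScript sketch of the approach in the answer above, where the server is the only place that checks ownership and the client handler for `#/photo/1/edit` only reacts to the status code. The function names, session tokens, the `#/login` route and the 401/403 split are assumptions for illustration, and the server is simulated in-process so the block runs offline.

```javascript
// Constructed sample data for a simulated server (hypothetical names and tokens).
const photos = { 1: { id: 1, ownerId: 7, title: "Sunset" } };
const sessions = { "tok-alice": { userId: 7 }, "tok-bob": { userId: 9 } };

// Server side: the single place where authentication and ownership are checked.
function serverUpdatePhoto(token, photoId, changes) {
  const session = sessions[token];
  if (!session) return { status: 401, body: { error: "login required" } };
  const photo = photos[photoId];
  if (!photo) return { status: 404, body: { error: "not found" } };
  if (photo.ownerId !== session.userId) {
    return { status: 403, body: { error: "not your photo" } };
  }
  // Only the editable field is copied; ownerId can never be set by the client.
  photo.title = String(changes.title);
  return { status: 200, body: { id: photo.id, title: photo.title } };
}

// Client side: one shared handler turns auth failures into navigation.
// No route handler compares user IDs itself.
function handleAuthFailure(status, photoId) {
  if (status === 401) return "#/login";            // not logged in
  if (status === 403) return `#/photo/${photoId}`; // logged in, not the owner
  return null;                                     // not an auth problem
}

// Client handler behind #/photo/:id/edit when the form is submitted.
// cachedPhoto is the model already held in memory; it is trusted for display only.
function submitEdit(token, cachedPhoto, changes) {
  const res = serverUpdatePhoto(token, cachedPhoto.id, changes);
  if (res.status === 200) {
    Object.assign(cachedPhoto, res.body); // sync the cache with the server's answer
    return { navigateTo: `#/photo/${cachedPhoto.id}`, error: null };
  }
  const target = handleAuthFailure(res.status, cachedPhoto.id);
  return {
    navigateTo: target || `#/photo/${cachedPhoto.id}/edit`,
    error: res.body.error,
  };
}
```

Reaching the edit route with a cached model costs nothing here: the write is still refused by the server, and the client cache is only updated from a successful response.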