Just a quick question, when we set users through a database, with an endpoint called, for example, /auth/register, do we set the role "User" in the code? And then for creating an admin, do we make a new endpoint called, maybe /auth/registerAdmin and set the role to "Admin" in code?
Well, usually admins don't register separately. They are either created by other admins directly, promoted from a simple user (by changing their role), or created by developers directly in the database. But if you have a requirement to have admins register through a separate endpoint, you could of course do that.
Очень информативно, спасибо большое, благодаря вам внедрил в свой учебный проект security. Продолжайте в том же духе.
Just a quick question, when we set users through a database, with an endpoint called, for example, /auth/register, do we set the role "User" in the code? And then for creating an admin, do we make a new endpoint called, maybe /auth/registerAdmin and set the role to "Admin" in code?
Well, usually admins don't register separately. They are either created by other admins directly, promoted from a simple user (by changing their role), or created by developers directly in the database.
But if you have a requirement to have admins register through a separate endpoint, you could of course do that.
.