Here, I am creating Angular 2 application with distributed database and micro-service architecture. In my application scenario,
the application condition is that we are having normal user functionality as well as admin functionality like modify, delete organization attributes etc.
a normal user is trying to log in, he will get redirected to application functionality with its routing.
But, if an admin user is trying to log into the application, he should have the choice of admin functionality or normal application functionality.
For achieving this, I am thinking of two approaches:
- Approach: Create two separate Projects (one for application functionality and other for admin functionality), so that admins can have a URL for both and he can access any one of them at will
- Approach: Thinking to build Role based architecture using route guards in single application only, and activate admin functionality page whenever admin will be logged-in
But, confusion regarding security of application. Can my second approach gives security that hackers could not hack my admin rights through that page as it will be part of the same application? Which one will be the more suitable approach?
2 is the best approach but need some authentication and best practices to manage routes as well as conditions of all application
As it will decrease the time of development as well as integrity and you also manage the website easily but having a large complexity.
But as most industries are using such as Flipkart, Amazon they have different portals for sellers, admin, and users.
In admin panel they enable role based login such as account, manager, Sr. Mgr, customer support if it is such a complex architecture go for 1st option
Answered By – Santosh Singh
Answer Checked By – Candace Johnson (AngularFixing Volunteer)