Showing posts from September, 2009

Access Control

Access control is about controlling user flow within your application. Do not mistake access control for security, which is a much bigger subject in itself; access control is one part of it. Access control begins by authenticating the user and then limiting his or her activity in your application. An activity is something like creating, updating or deleting a piece of content. There is always a finite number of activities that can be done in a given application, so each user can be assigned the set of activities that he or she is allowed to do, and any request for an activity outside that set is denied. Access control is usually tied to session management. However, you do not need session management to have access control. When a user logs in, a session is created so that the user is remembered for subsequent requests; otherwise the user has to keep on providing his or her credentials for each request. We can also keep the list of activities that the user is allowed to do in the session record. Bear in mind that a list cached in the session is only as fresh as the login that produced it: if a permission is revoked, the live session must be updated or invalidated, or the user keeps the old rights until he or she logs in again. Some applications keep the session alive indefinitely and some applications time out the user after a duration of inacti
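The following is an added example, not code from the original post, showing the pieces described above in working Python: a finite set of activities, a user table that maps each user to an allowed subset, a login that creates a session, an authorization check that looks the activity up in the session record, an idle timeout, and a revoke step that refreshes the cached list in live sessions. The user names, passwords, the four activities and the 15-minute timeout are all assumptions made for illustration.

```python
"""Activity-based access control tied to a simple in-memory session store.

Added example for illustration; the users, activities and timeout below are
assumed, not taken from any real application.
"""
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional

# The finite set of activities this (assumed) application supports.
ACTIVITIES: FrozenSet[str] = frozenset({"read", "create", "update", "delete"})

# Sessions that have not been used for this long are thrown away (assumed value).
IDLE_TIMEOUT_SECONDS = 15 * 60


def _hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2 so the user table never stores plaintext passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def _make_user(password: str, allowed) -> dict:
    """Build a user record; refuse any activity the application does not define."""
    allowed = frozenset(allowed)
    assert allowed <= ACTIVITIES, f"unknown activities: {allowed - ACTIVITIES}"
    salt = os.urandom(16)
    return {"salt": salt, "pw": _hash_password(password, salt), "allowed": allowed}


# Constructed user table: alice can do everything, bob may only read.
USERS: Dict[str, dict] = {
    "alice": _make_user("correct horse", ACTIVITIES),
    "bob": _make_user("battery staple", {"read"}),
}


@dataclass
class Session:
    user: str
    allowed: FrozenSet[str]   # the activity list cached in the session record
    last_seen: float          # used for the inactivity timeout


SESSIONS: Dict[str, Session] = {}


def login(username: str, password: str, now: float) -> Optional[str]:
    """Authenticate; on success create a session and return its id, else None."""
    user = USERS.get(username)
    if user is None:
        return None
    if not hmac.compare_digest(_hash_password(password, user["salt"]), user["pw"]):
        return None
    sid = secrets.token_urlsafe(32)       # unguessable session identifier
    SESSIONS[sid] = Session(username, user["allowed"], now)
    return sid


def authorize(sid: str, activity: str, now: float) -> bool:
    """Deny by default: unknown session, expired session or unlisted activity all fail."""
    if activity not in ACTIVITIES:
        return False
    session = SESSIONS.get(sid)
    if session is None:
        return False
    if now - session.last_seen > IDLE_TIMEOUT_SECONDS:
        del SESSIONS[sid]                 # idle timeout: forget the session
        return False
    session.last_seen = now               # any authorized request keeps the session alive
    return activity in session.allowed


def revoke(username: str, activity: str) -> None:
    """Remove a permission and push the change into every live session of that user."""
    USERS[username]["allowed"] = USERS[username]["allowed"] - {activity}
    for session in SESSIONS.values():
        if session.user == username:
            session.allowed = USERS[username]["allowed"]


def logout(sid: str) -> None:
    SESSIONS.pop(sid, None)


if __name__ == "__main__":
    sid = login("alice", "correct horse", now=1000.0)
    print("alice may delete:", authorize(sid, "delete", now=1001.0))
    revoke("alice", "delete")
    print("alice may delete after revoke:", authorize(sid, "delete", now=1002.0))
    print("alice after 16 idle minutes:", authorize(sid, "read", now=1002.0 + 16 * 60))
```

Because `authorize` takes the current time as a parameter, the idle timeout can be exercised deterministically in a test, and the same function is what every request handler would call before performing an activity.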