Glad you called out securing resources as it's often overlooked.
Thought I'd share this Dominick Baier quote:
"Authorisation should happen as close as possible to the resource you are trying to protect"
And I usually add...
"and it should happen in one place"
As you point out, duplication of authz logic in endpoints is asking for trouble and that's something I try to keep top of mind whenever designing the authn/authz pieces of a system.
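The principle in this comment, as an added example that is not from the post or its author: authorization enforced once, at the repository that hands out the resource, so endpoints never repeat it. The Principal, Document and DocumentRepository names, and the owner-or-admin rule, are hypothetical.

```python
from dataclasses import dataclass

class Forbidden(Exception):
    """Raised by the resource layer when the caller may not access a document."""

@dataclass(frozen=True)
class Principal:  # hypothetical caller identity: a user name plus its roles
    name: str
    roles: frozenset = frozenset()

@dataclass
class Document:
    doc_id: int
    owner: str
    body: str

def can_read(principal: Principal, doc: Document) -> bool:
    """The single policy rule: owners and admins may read a document."""
    return "admin" in principal.roles or doc.owner == principal.name

class DocumentRepository:
    """The one enforcement point, sitting directly in front of the data."""
    def __init__(self) -> None:
        self._docs: dict[int, Document] = {}

    def add(self, doc: Document) -> None:
        self._docs[doc.doc_id] = doc

    def get(self, principal: Principal, doc_id: int) -> Document:
        doc = self._docs[doc_id]
        if not can_read(principal, doc):
            raise Forbidden(f"{principal.name} may not read document {doc_id}")
        return doc

    def list_readable(self, principal: Principal) -> list[int]:
        # The same policy filters listings, so list and get can never disagree.
        return [d.doc_id for d in self._docs.values() if can_read(principal, d)]

# Endpoints carry no authz logic of their own. An endpoint whose author forgets
# about authorization is still covered, because the check lives at the resource.
def view_document(repo: DocumentRepository, principal: Principal, doc_id: int) -> str:
    return repo.get(principal, doc_id).body

def document_length(repo: DocumentRepository, principal: Principal, doc_id: int) -> int:
    return len(repo.get(principal, doc_id).body)

def build_sample_repo() -> DocumentRepository:
    repo = DocumentRepository()  # constructed sample data for the demonstration
    repo.add(Document(1, "alice", "alice's notes"))
    repo.add(Document(2, "bob", "bob's plan"))
    return repo
```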