0

im new in vuejs and i build small control panel and i have roles and permissions.

when user login i store data in local storage with user data and he roles and permissions

but when the admin attach or change role or permission for any user

not update in that user if he login even he logout and login again

my solution is get current user every time from api when route change!

i put my call function in app.js 

store.dispatch('users/getUser');

is that good solution ?

Improve this question
2
  • Where are you storing the user in local storage, in mutations? Can you add the code for that part Commented May 1, 2020 at 10:26
  • @SimoD'loMafuxwana in local storage Commented May 1, 2020 at 17:08

1 Answer 1

Reset to default
1

I would not store profile and permissions in localStorage as user could inspect it and modify it.

I think you should store user id encrypted and in each route change validate if he as permission for the desired page or action.

So essentially yes but don’t forget about security.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I agree about security. So if the data is just used to display to the current user their role and permissions then this is fine. It would be insecure to rely on this to enforce any type of role/permissions. In that case anything on the client would be insecure.
@damil Yes i use vuex-persistedstate to secure state data, and i really do that to get current user data with token. Damil your idea its good.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.