Feb 24, 2017
0
Level 5
Home-Rolled Permissions & Roles along with Passport Password Grant Tokens
I'm interested in returning password grant tokens from Passport that have scopes defined in my home-roled ACL (basically copied from the Laracasts episodes on the subject).
For instance, I have defined in my database a "super_admin" role with a permission of "edit_users". As it is, I have Passport set up to authorize this user with a token, and I can look up their permissions via an API call.
What I would like to do seems to be stepping in before the token is generated to check their role and then generate the token with that role as the scope... but that approach seems very weird.
I hope this makes sense.
Thanks!
Please or to participate in this conversation.