mattyx96
1 week ago

Architecture of an ERP software

Hi guys,

I'm designing new software (Laravel + React + SQL) that will manage different stuff for companies.

  • There is a father company and many child companies.
  • Each company can have an Admin and different types of employees.
  • The staff of the father company can perform actions on the father and child companies (the admin can do everything, a salesman can do just sales stuff).
  • The admin of a child company can do almost everything on his company (certain data can only be written to the db by the admin of the father company), and the employees can do role-based actions but only on their company.

Once users log in to the app, it will show them different results and submenus based on the role of the user. For example, an Admin will also see the control panel menu...

The front-end part will show the right view depending on whether the user is an Admin, of which company, etc.

To do this, I'm thinking about permissions to give to a user to make him an Admin or Employee or whatever else.

Issue #1: I'm not sure about the best way to make a secure login. I'm thinking about Passport with only one users table; the system will provide a response depending on the role of the user.

Issue #2: This issue is related to API authentication. I saw Laravel policies, but I was thinking about using 2 middlewares: the first one to check whether the user token sent with the request corresponds to a user, and the second one to check whether the user has the permission to call that endpoint. But I have no idea how to properly set the permission needed to call a single endpoint... Can you please suggest the best practice?

If you think that my architecture is not too good, I'm totally open to suggestions.

Thanks for the help.
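
The company and role rules listed in the post, written as one deny-by-default check that a second (authorization) middleware could call once the first has resolved the token to a user. This is an added example, not code from the post; it is plain PHP rather than Laravel API calls, and the role names, permission names, endpoint table and company ids are all assumptions.

```php
<?php
declare(strict_types=1);

// Constructed sample data: company 1 is the father company, 2 and 3 are children.
const PARENT_COMPANY_ID = 1;

// Hypothetical role -> permission map ('*' means every permission).
const ROLE_PERMISSIONS = [
    'admin'    => ['*'],
    'salesman' => ['sales.view', 'sales.create'],
];

// Hypothetical permissions reserved for the father company's admin.
const PARENT_ADMIN_ONLY = ['company.billing.write'];

// Hypothetical endpoint -> required permission table, kept in one place
// so every route declares what it needs.
const ENDPOINT_PERMISSIONS = [
    'POST /companies/{company}/sales'   => 'sales.create',
    'PUT /companies/{company}/billing'  => 'company.billing.write',
    'PUT /companies/{company}/settings' => 'company.settings.write',
];

function isAllowed(array $user, string $endpoint, int $targetCompanyId): bool
{
    // Deny by default: an endpoint with no declared permission is not callable.
    $permission = ENDPOINT_PERMISSIONS[$endpoint] ?? null;
    if ($permission === null) {
        return false;
    }
    $fromParent = $user['company_id'] === PARENT_COMPANY_ID;

    // Company scope: child-company users may only act on their own company.
    if (!$fromParent && $user['company_id'] !== $targetCompanyId) {
        return false;
    }
    // Some data is writable only by the admin of the father company.
    if (in_array($permission, PARENT_ADMIN_ONLY, true)) {
        return $fromParent && $user['role'] === 'admin';
    }
    // Role check: unknown roles get no permissions.
    $granted = ROLE_PERMISSIONS[$user['role']] ?? [];
    return in_array('*', $granted, true) || in_array($permission, $granted, true);
}

$childAdmin  = ['id' => 10, 'company_id' => 2, 'role' => 'admin'];    // constructed user
$parentSales = ['id' => 11, 'company_id' => 1, 'role' => 'salesman']; // constructed user

var_dump(isAllowed($childAdmin, 'PUT /companies/{company}/settings', 2)); // own company
var_dump(isAllowed($childAdmin, 'PUT /companies/{company}/settings', 3)); // another child company
var_dump(isAllowed($childAdmin, 'PUT /companies/{company}/billing', 2));  // father-admin-only data
var_dump(isAllowed($parentSales, 'POST /companies/{company}/sales', 3));  // father staff on a child
```

The target company id must come from the route or the loaded record on the server, never from a role or company field supplied by the React client, which should only use roles to decide what to display.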
