jpotts18/mean-stack-relational

View articles from a logged in user only


Hello!

I'm using your Mean Stack Relational as a basis for a new Contact Management App.
I did the whole setup and connected everything to a local SQLite database.
All works just fine; my only question is how can I get it to work in such a way that a logged-in user gets to see only his own articles (contacts in my case)? Right now a logged-in user sees all the articles, even those from another user. A logged-in user is not allowed to delete an article from another user, so it should be possible to list only the articles (contacts) of the user's articles or contacts.

Please let me know so I can work on this.

With kind regards,

Alessandro Giacoppo

Hello Alessandro,

It seems like what you are asking for is authorization. I have demonstrated authentication but not authorization, which is highly custom on each project. This explains the difference between authorization and authentication.

What you will need to do is decide how you want to structure your different authenticated roles. For example, do you want a user to see only his own contacts? If you want this, then you could add a foreign key to each contact and match it to the user that the contact belongs to, and modify the query to perform a join between the contacts and the users when queried.

You may want to authenticate specific groups of users. For example, you might want to have several admins that can see all contacts and users that can see only their users. If this is the case, then you would need to hook the application up to an access control list.

Since authorization is not the primary focus of this project, I will close this issue, but I hope it points you in the right direction.
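
The owner-scoped query suggested in the reply above, as an added example that is not part of the original thread or the project's code. It uses an in-memory array in place of the database; the `UserId` column name, the `admin` role and `req.user` being set by the login middleware are assumptions.

```javascript
// Constructed sample data: each contact carries a UserId foreign key
// (assumed column name) pointing at the user who owns it.
const contacts = [
  { id: 1, name: 'Ada',   UserId: 10 },
  { id: 2, name: 'Brian', UserId: 10 },
  { id: 3, name: 'Chen',  UserId: 20 },
];

// Build the ownership filter from the server-side session user, never from
// request parameters. Admins (hypothetical role) get no owner restriction.
function ownerScope(user) {
  if (!user || typeof user.id !== 'number') throw new Error('unauthenticated');
  return user.role === 'admin' ? {} : { UserId: user.id };
}

// Stand-in for an ORM "where" lookup: every key in `where` must match.
function findAll(rows, where) {
  return rows.filter(row => Object.keys(where).every(k => row[k] === where[k]));
}

// List logic: only rows inside the caller's scope are returned.
function listContacts(user) {
  return findAll(contacts, ownerScope(user));
}

// Single-record lookup: the id from the URL is combined with the owner scope,
// so asking for another user's id behaves exactly like a missing record.
function getContact(user, id) {
  const where = Object.assign({ id: Number(id) }, ownerScope(user));
  return findAll(contacts, where)[0] || null;
}

// Express-style handlers (req.user is assumed to be set by the login middleware).
function listHandler(req, res) {
  res.json(listContacts(req.user));
}

function showHandler(req, res) {
  const contact = getContact(req.user, req.params.id);
  if (!contact) return res.status(404).json({ error: 'not found' });
  res.json(contact);
}
```

Applying the same scope to the single-record route matters as much as the list route: filtering only the list would still let a logged-in user read another user's contact by requesting its id directly.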