Manage access control using Redis Bitfields

One of the hardest parts about writing a user-facing app or service is controlling access to resources. Decisions about access control are some of the earliest to be made and can make or break an entire platform. It’s usually a trade-off between granularity and speed. Let’s explore how to leverage Redis to get granular control and speed at the same time.

One approach is to set up “user levels,” typically numbers or roles such as “admin,” “regular user,” “privileged user,” etc. This approach alone is usually not a very viable path as you run into a never-ending additive process (“super-super-admin” or “disabled-regular-user,” etc.) or create a mess of widely spaced user levels and hope for the best.

To read this article in full or to leave a comment, please click here

Source: | Security

Leave a Reply

Your email address will not be published. Required fields are marked *