Often there are situations when it is necessary to add administrative functions to your application without creating an authentication system. Suppose I created a blog (yes, so trivial). All users have the right to view the list of articles, read articles, create and view comments: guests, administration, and frequent visitors are all. But now only admins have the right to create articles, delete them, delete and edit comments. How to organize this structure? The first thing that comes to mind is http-basic-authetication, but I don't think this is something that should be used in a real application. Then one could create a simple authentication system. But why? People have no reason to register on the blog, if they can read posts. Actually, hence the question: How to competently build such a system? Add only Admin model and add namespce admin to routs? Or how? Interested in how to solve such problems most correctly. Thank.

Closed due to the fact that the question is too general for the participants D-side , Grundy , aleksandr barakin , PashaPash 12 May '16 at 12:14 .

Please correct the question so that it describes the specific problem with sufficient detail to determine the appropriate answer. Do not ask a few questions at once. See “How to ask a good question?” For clarification. If the question can be reformulated according to the rules set out in the certificate , edit it .

  • embed any authorization system, the same devise. If a person is logged in - show him what meets his rights. If not, show the guestbook. Moreover, it is not necessary that the registration form be “generally accessible”. - KoVadim
  • You do not want authentication, but you want to identify some visitors? You already decide, because now it looks like "I want A and not-A." - D-side
  • @D-side I'm trying to find out if there are any alternative ways to solve this problem. Or still have to do authentication, but limit it from ordinary users? - smellyshovel
  • Authentication by definition is the identification of visitors. Therefore, if you want to give someone more rights than others, authentication is necessary and the only question is which one , and the choice is great. - D-side
  • @D-side is what I wanted to hear. - smellyshovel

0