[Feedhenry-raincatcher] Authorization in Raincatcher

[Summers Pittman]

Hey guys,

I'm working on a application using Raincatcher and I am a little hung up on
the best way to do per user or group based authorization inside of
Raincatcher modules.

I looked at the demo project and played around with it some.  I noticed
that access to the API itself was secured via the mBaas via node
middleware, but once I had a valid login token if I hard coded a user's ID
in the file upload section I could upload files as that user instead of the
user I was logged in as.

I checked with Paulo and he said that authorization isn't done in the demo
and basically everyone is an admin.

So what is the best way to go about user based authorization?

Summers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/feedhenry-raincatcher/attachments/20170117/8e1d54ce/attachment.htm>