|
|
|
|
|
|
by samjs
1539 days ago
|
|
|
Honestly, if your authorization needs are coarse enough that you can (a) handle it as middleware at the controller level, and (b) mostly just rely on roles, then you're probably in a good place to keep going with that! It avoids a lot of the complexity of centralization. Where we normally see people considering Oso is when the model gets more complex, or the data requirements get larger. E.g. when you introduce new features like user groups, projects, or sharing, then the amount of logic + data you need to share between the services grows beyond what's sustainable. If you're current system is working for you, I'm not going to try and tell you otherwise! If that changes though, let me know ;) |
|
|