Best of AuthorizationJune 2025

  1. 1
    Article
    Avatar of marvelkenmarvelken's public Squad·48w

    From Swipes to Subscriptions: Building Permission Layers in a Dating App

    A comprehensive tutorial on building permission layers in a dating app using Next.js, Supabase, and Permit.io. The guide demonstrates implementing a subscription-based access control system where free users have limited daily swipes and can only view first photos, while premium users get unlimited swipes and full profile access. Covers database schema design, role-based access control setup, and feature gating strategies for modern web applications.

  2. 2
    Article
    Avatar of joyelijahjoyelijah's public Squad·48w

    Implementing Relationship-Based Access Control in a Google Sheet Clone

    Explores implementing Relationship-Based Access Control (ReBAC) in a collaborative spreadsheet application similar to Google Sheets. ReBAC provides granular permissions where users can have different access levels (Owner, Editor, Viewer) for individual documents rather than global roles. The implementation uses Next.js, Supabase for database and authentication, and Permit.io for authorization management. The system allows document owners to share spreadsheets with specific permissions, enabling fine-grained control over who can view or edit each document.

  3. 3
    Article
    Avatar of baeldungBaeldung·49w

    Authorize Request for Certain URL and HTTP Method in Spring Security

    Spring Security provides flexible mechanisms to authorize requests based on URLs, HTTP methods, and user roles. The tutorial demonstrates implementing role-based access control in a blogging platform where users can manage their own posts while admins have broader permissions. Key concepts include configuring SecurityFilterChain for URL-based authorization, using @PreAuthorize for method-level security, implementing custom UserDetailsService for database authentication, and creating service layers that enforce business logic with proper access controls. The implementation covers user registration, authentication, and CRUD operations with appropriate security constraints.

  4. 4
    Article
    Avatar of awsAWS·47w

    Express.js developers can now add authorization in minutes with Amazon Verified Permissions

    AWS released an open source JavaScript package that enables Express.js developers to implement authorization using Amazon Verified Permissions and Cedar policies. The package moves authorization logic outside application code into externally managed policies, allowing developers to define role-based access controls without embedding complex authorization logic. The integration works through middleware that validates permissions before processing API requests, and policies can be updated without modifying application code.

See all Authorization archives