Play with Authorization
TL;DR Authentication or authorization? What is the term I need to use with my current scope of work? Do I need to authenticate the user or authorize it? Ok! I need to authenticate the user and then authorize (or the opposite). Dictionary: Authentication - is the process of verifying the identity of a user. How can we do it? As a basic scenario, when only one person knows the combination of login and password, we need to check if the combination is correct to authenticate the user. Authorization - verifies the user has the right to access the resources. Can I read the file? Can I write to the file? I would like to share how to build an authorization service. Big Picture I believe authentication and authorization can be separated - or treated on many different levels. When we consider the authorization for GitHub: ...