Backend Low Level Design 4
Authentication and Authorisation Intro
In the example we saw earlier, certain pages don’t need any special permission or proof of identity because they’re open to everyone. However, there are pages where you need to prove who you are, like providing your email or a user ID when you submit a problem on a site like LeetCode. Some parts of websites are restricted, meaning only certain people with specific roles can access them, like editing a problem where only admins or authorized users can do so.

Authentication is the process of confirming someone’s identity to make sure they are who they say they are. It’s like showing your ID to prove you’re really you.

Authorization is like getting permission to do something. It’s when you’re allowed to access certain parts of a website or do specific actions, like editing a document or changing settings.

In the BookMyShow example, you can check ticket availability without needing authorization or authentication. However, to actually book a ticket, you need authentication by providing your email. Cancelling a ticket requires both authorization and authentication.

RBAC (Role-Based Access Control) is a system that manages who can do what within a computer system or application based on their role. In simpler terms, it’s like assigning different permissions to different job titles or roles. For example, an admin might have the ability to delete users, while a regular user can only view information.
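
The BookMyShow flow and the RBAC role check described above, as an added example (not code from the original lesson). The role names, permission strings, tokens and bookings are constructed assumptions; the point is that authentication failures return 401, authorization failures return 403, and an unknown role is denied by default.

```python
from collections import namedtuple

# Constructed sample data; role names, permission strings and tokens are assumptions.
ROLE_PERMISSIONS = {"customer": {"ticket:cancel_own"},
                    "admin": {"ticket:cancel_own", "ticket:cancel_any"}}
User = namedtuple("User", "email role")
SESSIONS = {"tok-alice": User("alice@example.com", "customer"),
            "tok-admin": User("ops@example.com", "admin")}
BOOKINGS = {"B1": "alice@example.com", "B2": "bob@example.com"}  # booking id -> owner

class HttpError(Exception):
    def __init__(self, status, message):
        super().__init__(message)
        self.status = status

def authenticate(token):
    """Authentication: who is the caller? Missing or unknown token -> 401."""
    user = SESSIONS.get(token) if token else None
    if user is None:
        raise HttpError(401, "not authenticated")
    return user

def authorize(user, permission):
    """Authorization (RBAC): deny by default; an unknown role has no permissions -> 403."""
    if permission not in ROLE_PERMISSIONS.get(user.role, set()):
        raise HttpError(403, f"role {user.role!r} lacks {permission}")

def check_availability(show_id):
    return {"show": show_id, "seats_left": 42}  # public: no identity needed

def book_ticket(token, show_id):
    user = authenticate(token)  # identity only, no role check
    return {"show": show_id, "booked_for": user.email}

def cancel_ticket(token, booking_id):
    user = authenticate(token)  # 1. prove identity
    owner = BOOKINGS.get(booking_id)
    needed = "ticket:cancel_own" if owner == user.email else "ticket:cancel_any"
    authorize(user, needed)     # 2. check that the role grants this action
    if owner is None:           # only reachable by roles allowed to cancel any booking
        raise HttpError(404, "no such booking")
    return {"cancelled": booking_id, "by": user.email}

def status_of(handler, *args):
    try:
        handler(*args)
        return 200
    except HttpError as err:
        return err.status
```

The ownership test inside `cancel_ticket` matters as much as the role lookup: a customer role alone would otherwise let any logged-in user cancel someone else's booking.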

© GeekySanjay