I would like to create a web app similar to Stack Overflow in that the users will have different "point" levels and that their capabilities within the web app will be different based upon their point level.
Question: How can this best be implemented? How can it be implemented in a way that is un-hackable (i.e. accessing capabilities that should not be available)?
I figure there are two ways to do this: server-side and client-side. For the server-side solution, for each page request you check who the user is and have the CGI rewrite the page so that the client only gets a web page with the intended capabilities. For the client-side solution, the server gives the client the fully capable app and it is the client's job to check the point level and to handicap the app appropriately.
It seems like the client-side solution would be easier on the server, (which is really important for my app), but more susceptible to someone hacking and using capabilities unwarranted by their point level.
Say you want to restrict downvoting to those with over 125 points.
In your server-side code (not client-side JavaScript):
- You should show the downvote link only if the user has at least 125 points.
- You will have to check whether the user has at least 125 points whenever he tries to downvote.
The reason is that you cannot trust the client (for web applications, the web browser). Those interested in defeating such a lockout that only exists on the client side could easily do so using such software as Greasemonkey or Wireshark.
The client-side solution will be easier for performance and scale, but for security it is really bad. Anything inside users' machines, they can hack. That is the theory. They can use a sniffing tool like Wireshark to see what will be sent to your server and mimic that process.
You'll probably have to do the checking on the server side. Note that you should check both:
- when generating the page, don't offer additional capabilities that the user doesn't have
- when handling an action, check that the user does have the capability
If you don't do both these, then users will discover how to tell the server to do things they aren't supposed to be able to do.
I'm thinking that you are going to have to go with most of the logic residing on the server and a cookie for the users which would hopefully help reduce some complexity in serving clients.
Like others have said, if you want security, you need to do the privileges on the server side. I don't think you would see bad performance if you stored each user's privileges in a database. Then, when the user fetches the page, you do a lookup, check privileges and render the page accordingly.
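The two server-side checks the answers describe (hide the control at render time, and re-check on the action itself, with privileges looked up from server state rather than taken from the request), as an added example that is not from any of the posts above; the user table, session store, threshold of 125 points and function names are constructed for illustration:

```python
# Added example: server-side enforcement of a points-based capability.
# In-memory stand-ins for a real app's database and session store.
from dataclasses import dataclass
from typing import Optional

DOWNVOTE_THRESHOLD = 125  # points required to downvote (constructed value)

# Constructed sample "database": user id -> reputation points.
USER_POINTS = {"alice": 300, "bob": 40}

# Constructed session store: session token -> user id. The client only ever
# sends its token; its point total is never read from the request.
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}


@dataclass
class Response:
    status: int
    body: str


def points_for(session_token: str) -> Optional[int]:
    """Resolve privileges from server-side state, never from request fields."""
    user = SESSIONS.get(session_token)
    return None if user is None else USER_POINTS.get(user, 0)


def can_downvote(points: Optional[int]) -> bool:
    return points is not None and points >= DOWNVOTE_THRESHOLD


def render_post(session_token: str, post_id: int) -> str:
    """Check 1: emit the downvote control only for users allowed to use it."""
    html = f'<div class="post" id="post-{post_id}">...'
    if can_downvote(points_for(session_token)):
        html += f'<a href="/downvote/{post_id}">downvote</a>'
    return html + "</div>"


def handle_downvote(session_token: str, post_id: int, fields: dict) -> Response:
    """Check 2: re-check on the action. A hand-crafted request reaches this
    handler without the link ever having been rendered, so the render-time
    check alone protects nothing."""
    fields.pop("points", None)  # ignore anything the client claims about itself
    if not can_downvote(points_for(session_token)):
        return Response(403, "insufficient reputation to downvote")
    return Response(200, f"downvote recorded for post {post_id}")
```

The lookup per request is a single keyed read, which is the cost the last answer is willing to pay for not trusting the client.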