Multiple session secrets - switching between

[Patryk Cieszkowski]

I'm new to Sails, therefore I'm having silly problems. Excuse my ignorance.

I want to separete my site into two different sections; main content and admin panel. I need additional verification before entering admin CP, so I want to use different sessions for those two sections. How do I do that? The best idea would be to use different secret for admin routes. But how do I change that? How do I modify session secret based on the route I'm in?

[Wulf Solter]

I run multiple policies (http://sailsjs.org/documentation/concepts/policies) for various endpoints. Most endpoints get the 'authenticated' policy, others the 'admin' policy.

On Tue, Jun 7, 2016 at 3:11 PM, Patryk Cieszkowski <ciec...@gmail.com> wrote:

I'm new to Sails, therefore I'm having silly problems. Excuse my ignorance.

I want to separete my site into two different sections; main content and admin panel. I need additional verification before entering admin CP, so I want to use different sessions for those two sections. How do I do that? The best idea would be to use different secret for admin routes. But how do I change that? How do I modify session secret based on the route I'm in?

--

Wulf Sölter

CTO  Wherewolf Ltd. (+64) 21 294 1295 (+64) 3 45 111 00 wu...@wherewolf.co.nz

[Patryk Cieszkowski]

That's what I was thinking would be a good idea to start with. Are you dynamically replacing sessions.secret value, or what do you do to separate those sessions?