User Impersonation #6088
fthobe
started this conversation in
New Features or Ideas
User Impersonation
#6088
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Desired Behavior
It is possible from the admin interface to login on the storefront as a user.
The easy to allow user impersonations could be done as here:
Pretender Gem
The correct way would be to fully separate user and admin.
(Optional) Current Behavior
Both, Admin as well as regular user share the same user mechanism.
this makes user impersonation more difficult as as the admin sessions move in the same space as the user sessions;
opens door to security implications such as privilege escalation.
Beta Was this translation helpful? Give feedback.
All reactions