If I want to use a hash table to find the permissions, the permission processing should be placed in the middleware.
For example, for the GET /users route, the permissions I indicate are users.read
But for the GET /users/:id route, the actual value may be /users/1, so the hash key is difficult to write
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
From /users/1, find the route GET /users/:id, and then determine permission control based on this route.
Hash key plus regularity?
Regular matching to obtain the id value, and then hget to obtain permissions. However, this suggestion is written in lua on the nginx module. There is no need to let the request go to the application stage