The easiest way to restrict access to application backend, is to check the address of the current page, and if it starts with
/admin then check a logged user rights. This can be implemented through filters, that appeared in the fourth version of the framework.
Basic App Corelibrary contains an admin filter via Composer.
composer require "basic-app/core:dev-master
public $aliases = [ ... 'admin' => \BasicApp\AdminFilter::class ]; ... public $filters = [ ... 'admin' => [ 'before' => ['admin', 'admin/*'] ] ];
If you have an another implementation of users and rights, then you can inherit your class from
BasicApp\BaseAdminFilter and override