This is the scenario:
I have an app where customers can register and have a private area. I need a way to protect their personal data. I would like to implement an interceptor to check if the record they have permission to view the area they are accessing to.
So for example User1 try to access /area/1 and he can. But if user1 try to access /area/2 he is routed to an error page.
To make this I was thinking to implement an interceptor, announce the interceptor in the prehandler of area handler and check if he has the privilege to view the record.
Is this a good choiice?
Or I could make something different?