Role Based Access (RBAC) in authentication

RBAC assigns permissions based on roles (admin, user, editor). Users get roles, roles have permissions. Middleware checks if the user's role has the required permission for each route.