一种选择是，如果用户是管理员组中只设置了路线。

One option is to only set-up the routes if the user is in the admin group.

var router = new appRouter();

if (user.group === 'admin') {
  router.route('foo/:id/edit','edit',function {
    // your admin route logic here.
  });

  // or define the function in your router and reference it
  // such as: router.route('foo/:id/edit','edit',router.edit);
}

Backbone.history.start();

如果你有路线很多，你可以创建一个包含您的管理员路线如下所示的对象：（可能要添加一个属性的路线名称虽然）

If you had alot of routes you could create an object that contains your admin routes like the following: (may want to add a property for the route name though)

var adminRoutes = {
  'foo/:id/edit':function() {
       // your logic here
   },
  'another/route': // same set-up as above
  ...
};

然后设置它们在一个循环的如果状态：

for (var k in adminRoutes)
  router.route(k,k,adminRoutes[k]);

反正，存在与这种方法的几个不同的设置选项。

Anyway, there are a few different set-up options with this method.

这种方法的好处是，你不必检查路由和用户权限的用户导航到每条航线。任一路线建立或不是。

The advantage with this approach is you don't have to check the route and user permissions each route the user navigates to. Either the route is set-up or it isn't.

如果您的用户必须升级到管理员权限，然后包装在一个函数的路由的建立逻辑并调用它，当用户被授予管理员权限的能力。

If your users have the ability to upgrade to admin rights then wrap the route set-up logic in a function and invoke it when user is granted admin access.

除了这一切，据我所知，这是不可能建立一个安全的认证系统上的前端。您还必须检查权限的服务器端，无论你决定对任何办法。

Aside from all this, to my knowledge, it is not possible to set-up a secure authentication system on the frontend. You must also check permissions server-side, regardless of any approach you decide upon.