search

CUCentralAdvancement / cms

The Central Advancement Content Management System
MIT License
0 stars 0 forks source link

Try wwwhisper Out #44

Closed alexfinnarn closed 3 years ago

alexfinnarn commented 3 years ago

https://elements.heroku.com/addons/wwwhisper

It allows for access control via routes using a token system. If this works, it's the simplest thing to do, although Auth0 and next-auth provide ways for token auth vs. traditional logins.

Acceptance Criteria

var wwwhisper = require('connect-wwwhisper');
// app holds a reference to express or connect framework, it
// may be named differently in your source file.
app.use(wwwhisper());

// Alternatively, if you don't want wwwhisper to insert
// a logout iframe into HTML responses use.
app.use(wwwhisper(false));
alexfinnarn commented 3 years ago

This addon works, but since there are API requests, images in /public, etc. the rules don't work as well as I'd hope. I'll leave this in the codebase but turn it off. It might useful at some point.