We need to protect the prototype because of the status of the data we are using. A simple way to implement this without a database would be to have a single "access code" that a user has to enter in order to see any pages of the app.
Once the user enters the correct access code, then a value is set to allow that user for 24 hours. So, we need a session, and we can use a cookie-based session for this purpose. See here for use of cookies for session storage in Node
Tasks
[x] Set access code value via ACCESS_CODE env var
[x] Set whether app is protected by the access code via IS_PROTECTED env var
[x] Write middleware that handles the access and sets appropriate settings in user session
[x] Write handler to take the user-entered access code
[x] User access should expire in 24 hours
[x] View for entering the access code in order to proceed, all other views redirect to it if IS_PROTECTED and user has no session with valid ACCESS_CODE
pwalsh
commented
9 years ago
Implementation
We need to protect the prototype because of the status of the data we are using. A simple way to implement this without a database would be to have a single "access code" that a user has to enter in order to see any pages of the app.
Once the user enters the correct access code, then a value is set to allow that user for 24 hours. So, we need a session, and we can use a cookie-based session for this purpose. See here for use of cookies for session storage in Node
Tasks
ACCESS_CODEenv varIS_PROTECTEDenv varIS_PROTECTEDand user has no session with validACCESS_CODE