Closed youzi closed 8 years ago
@aphorise Any crazy ideas?
How did I miss these issues? - if this is still relevant - my initial suggestion would be .htaccess
as this is the fastest / easiest where Apache
may already be in the mix. Alternatively in the context of Node
& JS
on client/server sides I'd advise a costume comparative SHA2
based function to hash credentials for storage as cookie and comparison against each session that would be determined server-side. I'm not advising MD5
as this insecure - though its easier / faster. I made use of the MD5
method in my former implementation haproxyfleet due to time shortage as well as the fact that this already had another .htpasss
based authentication before the in-app credentials.
Let me know if additional information is needed - I can strive to mock something together if needed.
Let's see if we can add password protection settings in the
package.json
per branch, so we can have some branches be private.Something like this: