Password protected Pages

by Jon Erik Solheim

Restdb Pages lets you create any content from your database and deliver it on a custom route. However, sensitive content must be protected. That's why we made it simple to include user authentication in any Page. All you have to do is to add the #auth tag to the Page source code.

The #auth tag instructs the server to require an authenticated user before serving the Page content. The example below shows how to protect a page with a simple username and password.

{{#auth}}
{"password": "secret", "user": "jane"}
{{/auth}}

My sensitive content here ...

Hard coding a username and a password is ok for a quick-fix or ad-hoc needs. For a more scalable solution the users and the passwords should be managed in your database.

This example shows how to authenticate users against a database Collection called "myusers". This collection must contain fields for username and password.

The #context query uses the credentials object from the Page authentication to match a record from the database Collection, and the #auth tag matches the first record from this result to verify an user.

{{#context}}
{
    "user": {
        "collection": "myusers",
        "query": {"username": "{{credentials.name}}", "password": "{{credentials.pass}}"}
    }
 }
{{/context}}

{{#auth}}
{
    "password": "{{user.0.password}}", "user": "{{user.0.username}}"
}
{{/auth}}
... 
Top secret content here

This is how a web browser will present a Page with authentication:

Check out the demo site for examples at restdb.site.

Read the docs: https://restdb.io/docs/Pages

Blog

Password protected Pages

Search

Topics