I need a very simple password protection on a page - no creation of user profiles or anything, just one page with password protection that can be set in Umbraco v8.
I've finagled something close to what I need with the Umbraco Public Access - I can login and it technically works, but I have to reload the page in order to see the protected content. If I don't reload, it stays on the login screen.
Is there a way to fix the login so that it refreshes and reveals the page once successful? I've tried javascript refreshes added to the login button onclick but they don't work.
Even if I have to start from scratch, what's the best way to password protect a page?
No, it has nothing to do with the Umbraco backend or login at all. It's just a regular page on the front-facing website that needs to be password protected.
I know the Public Access setup involves making a user login, but that's not a login that would ever be used to log into Umbraco for this -- in fact, I've already pre-filled and hidden the field for the "Username" part of the login functionality and would only give the visitors the password, not the login/password combo.
For the linked tutorial, it makes the successful login proceed to a login page that has the "Logged in as: (user)" information. Do you see a way I could bypass that and load the page with the applied Public Access settings instead? Users knowing they're logged in and being able to log out isn't important, they just need to see the hidden page immediately.
Could you just do it like this in the logout partial where it currently renders the logout button? You could grab the destination URL with razor as well if you wanted instead of hard coding.
How should I grab the URL with razor? I keep trying variations of getting the current page url and using it either on the logout partial or in the member controller (to replace the "/login/" redirect that happens on successful login), but I just keep pulling the login page because that's technically the current page when the code runs.
Is there a way to store the protected page's url before it proceeds to the login page and then use it after the successful login?
I would've preferred to avoid any hardcoding so that the password protection could be done by the user at any moment on any page, without having to edit code files after the fact, but I guess this looks like the only way to get to the correct page.
It's strange that it's not easier to get a login to go directly to the page a user is trying to access. I know Umbraco 6's public access settings behave closer to what I'm wanting but not so much Umbraco 8.
There might be that i'm not aware of. Like you could grab info on the page from http_context or something probably, we also only have one v8 site at this point so can't provide a lot of help specific to that.
I think I may have gotten it to work as needed by redirecting to "Request.RawUrl" instead, although I don't know if that might cause issues. It seems to work, though.
Password protect a page from site visitors
I need a very simple password protection on a page - no creation of user profiles or anything, just one page with password protection that can be set in Umbraco v8.
I've finagled something close to what I need with the Umbraco Public Access - I can login and it technically works, but I have to reload the page in order to see the protected content. If I don't reload, it stays on the login screen.
Is there a way to fix the login so that it refreshes and reveals the page once successful? I've tried javascript refreshes added to the login button onclick but they don't work.
Even if I have to start from scratch, what's the best way to password protect a page?
Are you trying to do this so someone can see it with an Umbraco user login, or someone with a member login can see it?
No, it has nothing to do with the Umbraco backend or login at all. It's just a regular page on the front-facing website that needs to be password protected.
I know the Public Access setup involves making a user login, but that's not a login that would ever be used to log into Umbraco for this -- in fact, I've already pre-filled and hidden the field for the "Username" part of the login functionality and would only give the visitors the password, not the login/password combo.
So you could create a member (not user) then create a member login page with a form. Or the super easy way is to just protect the page in IIS.
Member login example, a bit involved initially but easy to extend to other pages: https://codeshare.co.uk/blog/tutorial-how-to-create-member-login-and-logout-form-in-umbraco-mvc/
For the linked tutorial, it makes the successful login proceed to a login page that has the "Logged in as: (user)" information. Do you see a way I could bypass that and load the page with the applied Public Access settings instead? Users knowing they're logged in and being able to log out isn't important, they just need to see the hidden page immediately.
Could you just do it like this in the logout partial where it currently renders the logout button? You could grab the destination URL with razor as well if you wanted instead of hard coding.
How should I grab the URL with razor? I keep trying variations of getting the current page url and using it either on the logout partial or in the member controller (to replace the "/login/" redirect that happens on successful login), but I just keep pulling the login page because that's technically the current page when the code runs.
Is there a way to store the protected page's url before it proceeds to the login page and then use it after the successful login?
(Thank you for your help on this, by the way!)
You could do it by ID, which isn't great if you have many protected pages but will work for one.
Where 1234 is the ID of the protected page.
I just realized you can do a redirect in razor also like this so can probably skip the JS.
I would've preferred to avoid any hardcoding so that the password protection could be done by the user at any moment on any page, without having to edit code files after the fact, but I guess this looks like the only way to get to the correct page.
It's strange that it's not easier to get a login to go directly to the page a user is trying to access. I know Umbraco 6's public access settings behave closer to what I'm wanting but not so much Umbraco 8.
There might be that i'm not aware of. Like you could grab info on the page from http_context or something probably, we also only have one v8 site at this point so can't provide a lot of help specific to that.
I think I may have gotten it to work as needed by redirecting to "Request.RawUrl" instead, although I don't know if that might cause issues. It seems to work, though.
is working on a reply...