Reputation: 12898
I guess this may be a 'lost case', but is it possible to password protect one or more pages generated by DocPad?
Is it possible to make a plugin or something that let you say protected = true
in the metadata section of a page?
Or do I have to use .htaccess or similar to protect my pages?
Upvotes: 3
Views: 1280
Reputation: 409
an other way (but it's just a concept right now) could be : when you tag a document with a protection (protected:password or need-access-right:account-list) the document is crypted and then published as static content by docpad.
client-side, if you access to a protected page, the crypted content is loaded and a script ask for a password (or for your account info) and then, try to decrypt the content with it.
So you can have protected content on a static server without apache specific .htaccess and it performance issues.
Upvotes: 0
Reputation: 48650
If you're planning to host on a node.js hosting provider, then you can use the following gist: https://gist.github.com/4557006
The idea is that we use the serverExtend
event to add a new express.js middleware. Middlewares added via the serverExtend
event are added before docpad's middlewares are added, so this is the ideal place for this authetnication layer as well as most other use cases for custom routes/middlewares etc. Our custom middleware will then check to see if the document that is being requested is a protected document or not, if it isn't it continues down the middleware chain (probably hitting the docpad middlewares and rendering normally) or if it is a protected document then we'll forward it onto the express basicAuth middleware.
Upvotes: 5
Reputation: 118
I guess you could indeed declare protected = true
in the page metadata and have a collection named protectedPages in docpad.coffee
:
collections:
protectedPages: (database) ->
database.findAllLive({protected: true})
And then create a file .htaccess.eco
that looks something like that :
AuthUserFile /full/path/to/.htpasswd
AuthType Basic
AuthName "Protected area"
<% for document in @getCollection('protectedPages').toJSON(): %>
<Files "<%= document.url %>">
Require valid-user
</Files>
<% end %>
and it should be easy to turn this into a plugin that generates the .htaccess file. You could use the sitemap plugin as an example.
Upvotes: 2