Password protecting Apigility admin UI without htpasswd

Question

I was being searching to password protect apiglity admin ui without using htpasswd, but i did not got any information about. Can anybody help me out with this?

Thanks in advance

Answer 1

You don't need password protection for ApiGility UI. Access should only be allowed in the Dev environment.

php public/index.php development enable <- to enable the UI
php public/index.php development disable <- to disable the UI

If you consist of having password protection for it. Then you can add an event to the Application Module.php that check if the identified user is allowed to access that resource.

Edit - If you do want to protect something by password

The following code should be placed in the Module.php file. (In many cases under the Application module).

It call the event manager and attach action to the Dispatch event. Every time the application reach the dispatch phase it will fire this event.

The action is passed as a call back so you can attach function, classes ans etc. In this example I passed a new class that have access to the MvcEvent ($e).

For example, that class can check if a user is logged in. If it is not then redirect him to /login.

public function onBootstrap(MvcEvent $e)
{
    $eventManager = $e->getApplication()->getEventManager();
    $eventManager->attach(MvcEvent::EVENT_DISPATCH, array(new UserAccessChecker($e), 'getResponse'));
}

For the purpose of auth You should further investigate ACL & RABC