I have two angular applications, one is for services I have listed, other is admin login and admin uses.
For 1st Application eg URL: https://example.com/
For 2st Application eg URL: https://example.com/administrator/
If I entered URL like https://example.com/administrator/login, it going to first application, how to navigate URL's like above to my second application.
How to handle this problem?.
I think you can use different modules for different tasks. Such as for users redirect to nomal url https://www.example.com and for admin or administration use https://www.example.com/admin.
.
And use canActivate guard for admin login.
Example... You.can.see my website designed in Angular.
https://www.aman-g.com
Related
I have a react app and a gatsby site that I would like to deploy on the same domain.
The app and the website have non conflicting routes for all pages except for the root page /.
Ex.
Website
/
/blog/example-1
/blog/example-2
/about
/pricing
App
/
/:id
/profile
/settings
/new
There is plenty of documentation on how to deploy 2 apps that have non conflicting domains but how can I serve the website root path (/) when the user is not authenticated and the app root path (/) when the user is authenticated.
I'm deploying with Heroku and my authentication is done through Auth0.
How can I do this? Options I'm considering/finding are:
Add some sort of proxy (HAProxy, Caddy) in front of the app that determines if the user is authenticated and serves the correct page.
Building the website alongside the app but using SSR for the website for SEO purposes
Something else?
I have an api project written using laravel which uses passport to generate api tokens. These tokens are used to distinguish who is hitting my routes so that the appropriate data is returned. All of this is working currently.
Both the token generation screens and api routes are contained within the same project. So hitting:
example.com
Brings you to the login screen. Once you log in, you generate a token and then use that token in subsequent requests to the api routes. The token is included when making requests for:
example.com/api/route1
example.com/api/route2/id1
Etc.
Toward the end of the project a requirement has come up to increase the security of the login page. I would like to generate a client certificate that I provide to my users that is necessary for accessing the login page.
How would I do this without affecting how I have the api routes setup? In other words, I am looking to have a workflow for users like this:
import certificate into browser
Now that certificate is installed, user can access login page
login, generate token
use token to make programmtic calls to api routes. These calls should not require the landing page certificate.
Is this possible? Or will adding the client certificate for logins affect the api routes as well?
Thanks for any advice.
You could wrap your routes which require a certificate around a middleware. This middleware should to check if the certificate is installed otherwise redirect them to the pages accordingly.
Checkout the docs
https://laravel.com/docs/5.4/routing#route-group-middleware
and
https://laravel.com/docs/5.4/middleware#assigning-middleware-to-routes
You can also use gates and policies for certain actions: https://laravel.com/docs/5.4/authorization
Lets say a user can update a post, but cant delete it. Those policies are helpfull for it
Is it possible to modify the Laravel App Authentication? like I want to show different forms per different login route, like If I have 2 different login routes for admin and user.
Admin login route, can access the admin dashboard
/app/system/login
User login route, can access only the user page
/app/system/user/login
I tried to do
php artisan route:list
and I see this
LoginController#login
LoginController#showLoginForm
but I don't know where to find them to modify those for my requirements. Any help, ideas please?
You can edit Auth Controller is in Http/Controllers/Auth/AuthController.php, functions get import from file Illuminate/Foundation/Auth/AuthenticatesUsers.php.
Read to documentation how create other auth.
Need some idea on the process to land in a page after I login to my web portal. My requirement is I will enter Url of a particular page in to the browser, then system will check is the user is login to the system, if yes it will land on the page I have entered but if not then system will take me to the login page and after successful login I will be landed in to the page I have entered in the browser.
So, please tell me how to do it in plain servlet/Jsp model, Spring and Struts 1 and Struts 2.
Any post will be helpful
I know about basic jsp/servlet model.
Write a Servlet filter which will intercept every request from the brwoser, there check is the user is logged in or not. If logged in your normal flow will continue but if not then redirect to the login page. When you are redirecting to the login page, make sure you send the url hit by browser in the response. Now in client side hold the url send in response and after eneter credentials in login page when user will submit the record send the url (Hold in the client side from response) in the request and after successful login use Servelet Request dispatcher to land in the url.
I am not sure but spring-security has this feature and struts 2. But implementation process can be share by others who are familiar on this technologies. But in struts 1 it's not available and you have to do it manually.
it will very easy with spring security you just need to secure some path pattern. you doesn't need to add some code in your jsp or controller, example
for url /admin/* need administrator role
for url /user/* need user role
for url /public/* no need login (anynomous)
it just need configure at your spring-security.xml
you can start here
I have a multi-server single-store Magento setup as follows:
n webservers behind a loadbalancer at www.mydomain.com
Admin server serving the admin panel answering at admin.mydomain.com
The setup works fine, and when I go to www.mydomain.com/admin I will ultimately be redirected to admin.mydomain.com/index.php/admin. My problem is that if you go to admin.mydomain.com/store-page.html where store-page.html is a product, category, or other page, then the page is served. I don't want this to happen for both SEO reasons (we discovered this because someone posted links to our store on the admin server) and load balancing reasons. Is there a way in Magento to tell a specific server not to serve store pages?
lot of possibilities:
protect the admin with http basic authentication
make a mod_rewrite rule to redirect all requests to admin page
protect the admin domain with ip access rules etc