Hey Guys! I'm currently thinking of how to restrict some ContentPages with a password. Context: Th

U0276E8RHEW

Hey Guys!

I'm currently thinking of how to restrict some ContentPages with a password.

Context:
The useCase is that some pages are just for customers who bought a special product. But there is no technical relation between customer and the bought product because the product could be bought elsewhere. So we have a complete new authenticationLayer without any relation here

So per page there must be the possibility to configure a password wich is needed to access the page.
In Zed it's pretty clear: Extend cmsPageForm, the DBschema and in our case the headLess implementation of the Cms.

but is there a neat and easy sulotion to provide the second loginLayer next to userLogin in yves?

Thx in advance!

fsmeier

Hey, one (not tooo simple) solution could be to add another firewall with a different authentication provider. Spryker uses in the end just the symfony auth system

U0276E8RHEW

Yes that was as well my first idea. Pretty complex and high effort for the target to archieve.

Second idea was to extend the controller and redirect to a LoginPage wich sets then a cookie with a logical hash wich i then can check on Request against the Page.

U0276E8RHEW

Feel free to challenge my idea 😄

fsmeier

Your idea seems to bring you to the goal 😄 depending if there are already ideas to have more logic I would still think about the more complex idea. if not then your idea should not cost much implementation cost for MVP

U0276E8RHEW

Ah yes. Any other restrictionCases, are user dependend and would have a technical customerRelation. And for that i would extend the CustomerAccessModule to restrict functionalities.

The future scope in this case is pretty clear so I'll try the cookieSolution without SymfAuth.

Thanks for your thougths! Helped a lot!