Restricting Storefront Access for Anonymous Customers

bhupendra.doniwal
bhupendra.doniwal Posts: 55 🧑🏻‍🚀 - Cadet

Hi Spryker community,

I'm currently working on configuring my Spryker storefront to restrict access for anonymous customers, redirecting them to the login page. I've come across a configuration for this purpose, but I'm facing some challenges in modifying the regex patterns.

The current configuration I'm using is as follows:

$config[CustomerConstants::CUSTOMER_SECURED_PATTERN] = '(^/login_check$|^(/en|/de)?/customer($|/)|^(/en|/de)?/wishlist($|/)|^(/en|/de)?/shopping-list($|/)|^(/en|/de)?/quote-request($|/)|^(/en|/de)?/comment($|/)|^(/en|/de)?/company(?!/register)($|/)|^(/en|/de)?/multi-cart($|/)|^(/en|/de)?/shared-cart($|/)|^(/en|/de)?/cart(?!/add)($|/)|^(/en|/de)?/checkout($|/))';

$config[CustomerConstants::CUSTOMER_ANONYMOUS_PATTERN] = '^/.*';

I've attempted to modify the regex patterns to achieve the desired behavior, but unfortunately, it's not working as expected. Can anyone provide assistance or suggest an alternative approach to restrict storefront access for anonymous customers?

Your insights and guidance will be highly appreciated!

Thank you!

Best Answer

  • fsmeier
    fsmeier Senior Software Engineer & Developer Enablement Advocate Sprykee Posts: 1,084 ⚖️ - Guardians (admin)
    Answer ✓

    Heyhey,
    let's inverse it:

    leave the ANONYMOUS_PATTERN as default, but specify that everything except xyz is secured.

    For example:

    $config[CustomerConstants::CUSTOMER_SECURED_PATTERN] = '^(?!(/en|/de)?(/login$|/register.*|/error/.*|/password/.*|/robots.txt|/agent.*|/sales-agent/*|/imprint)).*';
    

    I am happy to hear back from you if this works :)

    All the best,

    Florian

Answers

  • fsmeier
    fsmeier Senior Software Engineer & Developer Enablement Advocate Sprykee Posts: 1,084 ⚖️ - Guardians (admin)

    Heyhey @bhupendra.doniwal ,

    it's not working as expected

    Can you please elaborate on this? What is not working as expected?

    All the best,

    Florian

  • bhupendra.doniwal
    bhupendra.doniwal Posts: 55 🧑🏻‍🚀 - Cadet

    For example
    $config[CustomerConstants::CUSTOMER_ANONYMOUS_PATTERN] = '^/(?!login_check|login\/(en|de)$)';

    it should access only the login page and login check but all the other pages are accessible like PDP PLP
    or can you help me write the right regex?

  • fsmeier
    fsmeier Senior Software Engineer & Developer Enablement Advocate Sprykee Posts: 1,084 ⚖️ - Guardians (admin)
    Answer ✓

    Heyhey,
    let's inverse it:

    leave the ANONYMOUS_PATTERN as default, but specify that everything except xyz is secured.

    For example:

    $config[CustomerConstants::CUSTOMER_SECURED_PATTERN] = '^(?!(/en|/de)?(/login$|/register.*|/error/.*|/password/.*|/robots.txt|/agent.*|/sales-agent/*|/imprint)).*';
    

    I am happy to hear back from you if this works :)

    All the best,

    Florian