https://discord.umbraco.com logo
Join Discord
Powered by
Global login redirect?
# help-with-umbraco
c
When using role-based permissions for Member page views, the Umbraco 13 backoffice provides a 'Restrict Public Access' popup, that lets you pick the groups with permission, but also forces you to choose a login page and error page. In my case (and I feel like, in many if not most cases) all pages that are restricted have the same login page and the same error page - Is there a way to set this globally (at least, for pages that have access restrictions) or do I really have to teach page editors to set it on each page being restricted?
Also, if there's a way to set it to a controller/action instead of a page, it'll save me on creating a few dummy page-types just to handle routing.
m
All decendants will have the same restrictions applied to them so you would only need to set this at the top level
c
Fair enough! In the site I'm currently working on, many specific pages are permissioned, but not a clear 'all pages under this subtree' relationship
If you're saying I can go to the top-level page and say 'here's the login / error pages to use if any page fails the restrictions, but only specific pages under here are actually restricted' that's good to know and I'd like to understand how to do that
m
I would say that your use case isn't what @Matt Wise is mentioning, that's just by convention hierarchically all nodes under a protected node are also protected. maybe override here https://github.com/umbraco/Umbraco-CMS/blob/729016e429f9108639c33a00a33a93761e943da3/src/Umbraco.Web.Website/Routing/PublicAccessRequestHandler.cs#L43? but for distributed protected pages the backoffice ui is going to force you to choose a login/error page anyway, though I guess you could tell the editor to choose anything as it will be overriden?
ps there is nothing stopping you from flagging a page as protected via your own property on the doc type.. and implementing your own check in the template/partial/view component or overrideing the renderController. (and using the membershiphelperservice/identity to check the required auth/member groups are satisfied) I think you can pass a returnUrl into the login page for flow..
c
🤔 Interesting. I didn't see anything relevant in the member registration documentation to this case, but always good to link to the documentation just in case 🙂 So I suppose my options here are: * Just leave it as-is, editors pick the 'login' page on each page individually, and I figure out a way to have the 'login' page redirect to the real login at my custom controller action, /auth/signin. * Figure out how to override PublicAccessRequestHandler's RewriteForPublishedContentAccessAsync method, probably switching out the switch case at line 105 for a 'redirect to /auth/signin' statement. Worried this will have side effects or require a bunch of attention to keep it working in future Umbraco updates. * Scrap the usage of 'Restrict Page Access' altogether and cobble together my own doctype property and override the renderController to boot you to /auth/signin if the user isn't allowed. Heavier initial lift, and similar to above I wonder how much of a lift maintaining the updated RenderController going forward will be, but surprisingly the least 'hacky' feeling answer.
Of those, I think I only have time for the first option without going back to the client for more time - should just be as simple as making an AuthRedirect page type, and then using a custom RenderController hijack for it to call public IActionResult SignIn() { var originalUrl = this.UmbracoContext.OriginalRequestUrl.PathAndQuery; return Redirect("/auth/signin?returnLocation=" + Uri.EscapeDataString(originalUrl)); } EDIT: That seems to have worked. Not a fan of the redirecting but not interested in doing heavy customizing of Umbraco right now.
108 Views
PreviousNext
Powered by