I'm not very used to Apostrophe and currently checking out that CMS.
What I want to do is implementing a user login at the frontend.
I tried using the apostrophe-user module but users that were created using that module are able to login to the backend and I don't want them to be able to do this.
Is it somehow possible to achieve what I want to do?
Thank you very much in advance!
Edit: I'm also using apostrophe-headless
You can use apostrophe-groups to create a sub group of users with specific permissions and then check those permissions in various places (like templates) to show or not show certain admin experiences.
https://apostrophecms.org/docs/tutorials/intermediate/permissions.html
You could further customize the login experience of these users by tapping in to the apostrophe-login, redirecting them to a special part of the website, etc https://apostrophecms.org/docs/modules/apostrophe-login/index.html
Related
I'm building a website with different users that belongs to different "accounts"
Is there a way when using Contentful CMS or similar headless CMS service to restrict contents based on user and their accounts?
e.g. This document can only be accessed by users that belongs to account 1234
Thank You!
I don't know about Contentful, but with Content Chef (https://contentchef.io)
you can create different "spaces" and have different users for each space, so you should be able to easily do what you need!
Full disclaimer: I'm working in Content Chef:)
I'm new to Piranha CMS and just trying to get my head around it. I'm using the MVC implementation and I need to do the following:
I need to extend the User with a property that stores an account number.
I need a page that is only accessible once the user logs in
On this page, I need to call a REST API on another server, using the account number a parameter, to retrieve a list of documents that the user has stored on this server.
When the user clicks the document, it will be downloaded as a PDF using the REST API once again
I just need general guidance on how to do this. How do I store the account number against the user (and manage this) and do I need to create a new Region that will show the list of documents from the remote server. Is there an example of creating a new Region anywhere and maybe returning a list from SQL that I can adapt?
Any help gratefully received.
Thanks in advance
Mike
The easiest way is to implement an extension with your custom fields that you attach to the user where you store this information.
When editing a page, go in under "settings" and select which groups should have access to your page. For this purpose I suggest creating a new group for site users that are not admins.
This should be easily implemented in either the controller or model for your page. When the user is logged in "User.Identity.Name" is the user id. Get the user, load the extensions & use the account number.
See number three.
Regards
I need a way to identify users. I have a Google site that is users access via their gmail accounts. My site is designed to allow users to view any data, but edit only their own data. This works fine for me as I'm the owner of the site and publisher of the scripts, but Session.getActiveUser().getUserLoginId() returns null for anyone else.
Please provide me the solution about this problem. Any link / any piece of code?
I suppose, that the script is deployed with the Execute the app as: combobox set to me. Please check it and change the combobox value to User accessing the web app.
I am designing a twitter iPhone app for my school. I wanted to moderate the users who can access the school account. In simple terms i do not want to use the original twitter server but make it local to only few users. Simply lets say a twitter for class. This will be running on our server and only few people can access it. I am very cofused about this any open sugeestions would help me.
Please help
Simplest way - twitter allows "protected profiles", where only users you are following can see your updates.. This is basically a whitelist of people who can see your statuses..
If you wish to allow multiple users to post from the same account, without hardcoding the twitter account into the application.. you could create your own API, essentially just a proxy for the twitter API..
You could then add your own level of authentication over this, so each user would have their own account (and you don't give out the shared account's login details)
In pseudo code, the application would be something like..
if request['username'] not in ['bob', 'alice']:
raise AuthError
if request['password'] != ['theuserspassword']:
raise AuthError
twitter_api = TwitterLibrary.login("sharedaccount", "secretpassword")
switch request['api_method']:
case "getPublicTimeline":
return twitter_api.getPublicTimeline()
case "postStatus":
return twitter_api.postStatus(request['something'])
Final option I can think of - you could run your own Twitter-like site.. There are plenty of "twitter clones", such as status.net (which is the code that runs identi.ca)
status.net and several other similar projects have Twitter-compatible API's, so you could quite easily take an open-source client (NatsuLiphone for example), and, with permission, rebrand and modify it to use the URL of your own site.
I'm not exactly sure what you mean by "not want to use the original twitter server". If you only want a few people to see the updates from that classes twitter account you could protect the updates and only allow students to follow the account.
However, this should help you create/customize your own twitter iPhone application. This is a link to Stanford's CS-193P course on Cocoa Development. The assignments in the class are creating and customizing a twitter client. All of the project files are available online.
http://www.stanford.edu/class/cs193p/cgi-bin/index.php
I hope this helps.
Create a regular twitter app that requires credentials, don't hard code the credentials in the app. Problem solved. Anybody could get the app on their phone, but only people previously authenticated on twitter would be able to actually use it. If you want to use Oauth you have do this anyway.
Is there a way to create a sort of authentication for wordpress which would block unauthorized users from some particular pages and posts but would allow any user to view some pages. I would also like the users of the blog to be able to register and login through facebook-connect, or google accounts. Is this possible.
for the authentication purpose you can use the_content filter and check for the conditions in there...
if you dont want unregistered users to view the post you can check the condition using is_single() and is_user_logged_in() there are other conditional tags like is_page(), is_home(), etc use the following code to check for if a particular template is active http://www.wprecipes.com/how-to-check-if-a-page-template-is-active
you can even selectively allow some users to access a post or page by comparing their user_id's if the are logged in