How to quickly make a temporary separate login/password form to display a closed website on the Internet?

Question

How to quickly make a temporary separate login/password form to display a closed website on the Internet?

Volk Volk 551

Hi!

The site (Net.Core 6) already has a working authentication, but it can only be used if temporary login is allowed.

This site needs to be temporarily hidden for everyone on the Internet.It is necessary to make a temporary entrance to the site through the login/password form (login/password is just the assigned text).

That is, I upload the site to the network at https, but all its pages should be hidden for everyone except those who have a certain username/password.

There are a lot of pages on the site, there is a separate authentication inside the site.

Is there a way to quickly implement such an input without prescribing conditions to all methods in the controller that return a Views?

Has anyone ever faced such a task?

Can you please advise a quick solution?

Thanks!

AgaveJoe 1,510 Reputation points

2023-10-04T18:00:17.4566667+00:00
That is, I upload the site to the network at https, but all its pages should be hidden for everyone except those who have a certain username/password.

This sounds like a basic "if" condition after after the username and password is verified.

if(username == "someusername") { //signin the user }

Accepted answer

0 additional answers

Your answer

AgaveJoe 1,510 Reputation points

2023-10-04T18:00:17.4566667+00:00

That is, I upload the site to the network at https, but all its pages should be hidden for everyone except those who have a certain username/password.

This sounds like a basic "if" condition after after the username and password is verified.

if(username == "someusername") { //signin the user }

Answer 1

Bruce (SqlWork.com) 78,006 Volunteer Moderator

your question is not clear, but I think you want to add a login facade to your app. the easiest to add your own middleware that checks for authentication,. trival example

...
app.UseHttpsRedirection();
app.Use(async (context, next) =>
{
    var cookie = context.Request.Cookies["templogin"];
    if (cookie?.FirstOrDefault().ToString() != "ok")
    {
        if (context.Request.Query["user"].FirstOrDefault() == "test"
            && context.Request.Query["password"].FirstOrDefault() == "password")
        {
            context.Response.Cookies.Append("templogin", "ok", new CookieOptions
            {
                Expires = DateTime.Now.AddDays(1),
                Path = "/"
            });
        }
        else
        {
            await context.Response.WriteAsync("Site not available");
            return;
        }
    }

    // Call the next delegate/middleware in the pipeline.
    await next(context);
});
...

to login:

https://mysite.com?user=test&password=password

note: to improve security use an encrypted token for "ok". and a database (or environment variables) for user & password hash

Volk Volk 551 Reputation points

2023-10-05T09:24:56.13+00:00

Yes, you are absolutely right, I needed a temporary facade for the entire site. Your advice will suit me, I will try to realize it. Thank you! :)
Volk Volk 551 Reputation points

2023-10-09T15:49:58.9366667+00:00
Almost everything worked out, but I just don't understand how I can correctly write the templogin and ok objects to the cookie and insert user and password into it? Please tell me how to do this in javascript so that the check in C# works correctly?

I'm trying this way, but I don't understand how correctly...

function save() { document.cookie = "templogin=" + "ok"; document.cookie = "user=" + document.getElementById("user").value; document.cookie = "password=" + document.getElementById("password").value; }

Thanks!
Bruce (SqlWork.com) 78,006 Reputation points Volunteer Moderator

2023-10-09T16:19:44.8866667+00:00

Why does JavaScript need to set a cookie? If you want JavaScript to login, just have an anonymous ajax call that verifies the values and sets the cookie.
Volk Volk 551 Reputation points

2023-10-09T16:57:56.8966667+00:00

Yes, yes, I have already realized that it is not necessary to create cookies in javascript. :)

I'm already raising user and password, although for some reason they are incomplete in context.Request.Query["user"] and context.Request.Query["password"]. Don't know why? In QueryString I get long good user and password, but context.Request.Query["user"] and context.Request.Query["password"] returns only 12 and 8 characters to me. Why is that?
Volk Volk 551 Reputation points

2023-10-09T17:12:21.8533333+00:00

Yes, yes, I have already realized that it is not necessary to create cookies in javascript. :)

I'm already raising user and password, although for some reason they are incomplete in context.Request.Query["user"] and context.Request.Query["password"]. Don't know why? In QueryString I get long good user and password, but context.Request.Query["user"] and context.Request.Query["password"] returns only 12 and 8 characters to me. Why is that?
Volk Volk 551 Reputation points

2023-10-09T17:29:41.4966667+00:00

Everything works (except for the short user and password), but then such a disaster happens - on the site in some places, after logging in, fields for user and password appear instead of the layout in <head></head>. Don't know why this is so? This is very strange, since the html page for entering the temporary user and password is a separate html page.
Volk Volk 551 Reputation points

2023-10-09T18:21:24.11+00:00
And everything worked! Great!

Thanks! Just your string:

if (cookie?.FirstOrDefault().ToString() != "ok"

should have been written like this:

if (cookie != "ok")

The question is closed! :)

Share via

How to quickly make a temporary separate login/password form to display a closed website on the Internet?

0 additional answers

Your answer