-
-
Notifications
You must be signed in to change notification settings - Fork 8.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Access restriction by password protection #958
Comments
@Azcatchi As Docusaurus generates static content, there's no way for Docusaurus to add auth restrictions. This has to be done on the web server layer which is beyond the scope of Docusaurus. I recommend that you look up the docs for adding auth to the web server you are using or put your contents behind a VPN. Closing this issue as it's out of scope. |
I think this answer is outdated. Docosaurus essentially is SPA, so password addition is not impossible. |
Yes, it's indeed possible, but it's absolutely out of scope. You are welcome to swizzle |
I'm referring to not using any external auth services for server-side password protection. That's still not possible. |
Some possible solutions to protect a Docusaurus site:
I think 3) is a bit in the scope of Docusaurus. We probably have all the technical primitives to make this possible already, and just need to make a POC + document this.
If someone wants to work on a POC + doc that could be nice, otherwise I'll do that later, not a high priority Note with Cloudflare workers and other edge functions, you can do some quite advanced things. For example, you could build 2 versions of your static website (one for anonymous, one for logged-in users). The edge function can check the auth cookie and serve one static site or the other accordingly |
Hi there, not sure if this is what is being referred to, but you can easily create an Express Server with Basic Auth for your Docusaurus site and use the Express.static method to serve the build folder. Run npm run build and you will see a build folder is dynamically created in your project and then You will need to add
and the script
to your package.json and create an app.js file within the src directory and add the code
Hope this helps! |
I tried @leanndemetro's solution, which does indeed create a login dialogue, but using the default username & password ("USERNAME" & "PASSWORD"), I couldn't log in. Am I missing something? EDIT: apparently I needed to edit/create .env in my root with something like this: USERNAME=some-username In my case, I needed to update it because I was already using it for other stuff. Unfortunately, this breaks the build step, which chokes on the "type": "module" requirement. |
You may check my articles that show how to add an authentication layer to your Docusuaurs website. https://iammassoud.net/blog/docusaurus-authentication-roadmap |
Thanks, Massoud. I followed the tutorial for authenticating with AWS Cognito & got it to work on my local setup, but the build step chokes with:
Any idea what may be going on? If I rename the theme directory temporarily I can complete a build, but of course, that stops the authentication components from being compiled. It does point to something in one of those swizzled components as being the culprit, though. |
Maybe you can share your repo if it is public. |
It a private repo, but here's the hierarchy:
|
@techbridgedev
Overall, this issue can be from your search plugin as well. |
@massoudmaboudi I haven't pushed my own changes to my experimental branch where I am testing authentication, but I could if you still want to be added to the repo to check it out. I still need to look into the search plugin to see if that's responsible. EDIT: I temporarily removed the search plugin from |
@techbridgedev |
I've downloaded both branches after the above fix but still have the same build error. Do you want me to file an issue? |
@techbridgedev There should be an explanation why Docusaurus is behaving like this, though, to improve the code and not to change the default setting of Docusaurus, I created a new commit and added the By this change, you don't need to change |
I just followed your tutorial, the auth works great! Thank you so much for such a detailed walkthrough, truly appreciate it! |
I would like to ask if everything is good when deployed to Vercel and used that Auth? |
🚀 Feature
I want to make a wiki for my enterprise, but it would contain some sensitive information as well. I need some kind of restriction that only allows authenticated users to read the wiki contents. Could you please consider this request to allow us protecting our wiki ? Thanks in advance.
The text was updated successfully, but these errors were encountered: