extrameile / auth-basic
Protect frontend pages via auth basic
Installs: 395
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 2
Type:typo3-cms-extension
Requires
- middlewares/http-authentication: ^1.1
- typo3/cms-backend: ^9.5 || ^10.4
- typo3/cms-core: ^9.5 || ^10.4
Requires (Dev)
- extrameile/grumphp-conventions-typo3: dev-master
Replaces
- typo3-ter/auth-basic: v1.0.1
This package is auto-updated.
Last update: 2024-11-29 06:16:43 UTC
README
You might need to add a configuration line to yout .htaccess so the Authorization Header is passed on to the middleware
# pass authorization header to TYPO3 so the middleware can handle it
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
What does it do?
Protect pages (and subpages) with an Auth Basic login by utilizing the Middleware API in TYPO3 9.5 The extension is executed after the target page is determined and checks the rootline for an activated Auth Basic flag. The login credentials are currently saved in plain text, split username and password with a colon, split multiple accounts by newline.
username:password
Try out
composer config repositories.auth-basic vcs https://github.com/extrameile/t3ext-auth_basic.git
composer require extrameile/auth-basic dev-master
Todos
add page overlay icon to show the protected status- configurable?
add global IP whitelist configurationprobably respect devIPmask settings or skip protection for Development Contextskip Auth Basic if backend login is active- stop request on non https connections?
- skip in workspaces? Should previews be protectable with a login?
- Test / document usage with
Apache/Nginx etc. - Test / configure multilanguage setups
- test setup with proxy setups etc.
- improve code quality 😄
Notes
Kudos to https://www.qbus.de/qblog/psr-15-middlewares-fuer-typo3-cms-v9/ for the example implementation of how to use the API in TYPO3
Kudos as well to https://github.com/middlewares/http-authentication#basicauthentication for providing an easy to use library for the auth basic stuff