Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    SOLVED Feat: Only allow authenticated users

    Surfer
    5
    26
    165
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • nebulon
      nebulon Staff last edited by

      The preview and also other related issues like thumbnails is fixed with latest package version.
      I was not able to reproduce the missing username login field issue. Do you have any more information on this? Maybe in some cases we hit some caching issue or so?

      I also fixed an issue with the favicon in the settings dialog now. Still if too large images or unsupported formats are uploaded, they are just accepted and will thus result in missing favicons for now.

      fbartels 1 Reply Last reply Reply Quote 1
      • fbartels
        fbartels App Dev @nebulon last edited by

        No, I don't think its a caching thing as I am always trying the login form in an incognito session. This is with v5.13.3:

        d44e7a10-0b97-47e6-944c-a8d0717a5287-image.png

        Settings:
        40fdafaf-fed0-44c1-a5a5-5c33d0fe1ac4-image.png

        Under access control in Cloudron I have set Allow all users from this Cloudron.

        nebulon 1 Reply Last reply Reply Quote 0
        • nebulon
          nebulon Staff @fbartels last edited by

          @fbartels oh! after looking at your instance itself I found the bug. You probably have the combination of access restriction and no public folder listing, in which case I missed to remove a token check. Will fix in a bit.

          fbartels 1 Reply Last reply Reply Quote 0
          • fbartels
            fbartels App Dev @nebulon last edited by

            @nebulon ah yes, that seems to be it. once I enabled public listing the login form did show the title and field for the username.

            Thanks

            nebulon 1 Reply Last reply Reply Quote 0
            • nebulon
              nebulon Staff @fbartels last edited by

              @fbartels Ok this should be fixed with the latest package release now. Thanks for all the testing and reporting!

              fbartels 1 Reply Last reply Reply Quote 1
              • fbartels
                fbartels App Dev @nebulon last edited by

                @nebulon said in Feat: Only allow authenticated users:

                Thanks for all the testing and reporting!

                I asked for the feature, it was the least I could do 😅

                1 Reply Last reply Reply Quote 2
                • robi
                  robi last edited by

                  I am trying this out and have a few issues.

                  Enabling the public folder listing and setting access to user restricted, should not list the content until a user is logged in.

                  If I open the site in a new tab, it lists the files and shows a login button. Not expected.

                  If I open an incognito tab, it opens to a login page. As expected.

                  So the new tab should either give me a login page, or tell me I am logged in, if a browser session is being used to display the file listing.

                  nebulon 1 Reply Last reply Reply Quote 0
                  • nebulon
                    nebulon Staff @robi last edited by

                    @robi can you explain the "Not expected" case a bit further. Which and where do you see a login screen? (The login button in the public folder listing on the top right will always be there, if that is what you mean)

                    robi 1 Reply Last reply Reply Quote 0
                    • robi
                      robi @nebulon last edited by

                      @nebulon expectation is to not get a listing and a login prompt.

                      since I did, that means the session is being reused and I am logged in, yet the button shows as I am not logged in.

                      So maybe the fix here is to detect login state and adjust the button accordingly; perhaps a logout instead.

                      1 Reply Last reply Reply Quote 0
                      • nebulon
                        nebulon Staff last edited by

                        Right, since you have the access token in this case in a new tab simply in the local storage, the session is refreshed and you see the files. I will fixup the login state/login button to show somethign like "Admin Dashboard" or so.

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post