[英]Protect angular application with password
I would like to protect my application with a password.我想用密码保护我的应用程序。 When a user opens the app he has to type in the correct password then he is redirected to the main page of the application.
当用户打开应用程序时,他必须输入正确的密码,然后他会被重定向到应用程序的主页。
I tried creating a component with simple password input that if validated successfully would redirect using routing, but that doesn't work since the user can still just type in the correct url ( /invitation
) and bypass the password validation.我尝试使用简单的密码输入创建一个组件,如果成功验证将使用路由重定向,但这不起作用,因为用户仍然可以输入正确的 url (
/invitation
) 并绕过密码验证。
validatePassword(input: string): void {
if (this.password === input) {
this.router.navigate(['/invitation']);
}
}
What is the correct way to go around this problem? go 解决这个问题的正确方法是什么?
Short answer, you can't.简短的回答,你不能。
Anything security related on a frontend is not secure.任何与前端相关的安全性都是不安全的。 You can use a guard to hide the page, but with a little knowledge, this can be bypassed.
您可以使用 守卫来隐藏页面,但只要稍加了解,就可以绕过这一点。 You should instead protect your data (API).
相反,您应该保护您的数据 (API)。 How to depends on your stack.
如何取决于您的堆栈。
Wouldn't the easy way just to be to add a password page and save something in html storage, then check on every page load?简单的方法是添加密码页面并将某些内容保存在 html 存储中,然后检查每个页面加载吗? I suppose the APIs can still be called, but it would prevent from viewing
我想仍然可以调用 API,但它会阻止查看
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.