O, that’s great to know, and I’m appreciative at all you’ve done.I’ve fixed it locally. When authorizing a page, can I list it like this in the _redirects? Will my previous redirect remain while this auth command is added? Will this work?
/dating /music 301!
/film /index 200! Role=member
/film /film/access-denied/401
Disregard that. It didnt work
Yes, you can list it like that. What’s not working?
It didn’t prompt me to login, but I think I would need the netlify widget encoded first for that to happen. When I went to code it, when the pressing the link I get the error "failed to load settings from /.netlify/identity
Have you enabled Identity for your website?
Yes, and I’ve collected data from forms with it; however, the ultimate goal right now is to find the widget that includes the gmail login option so that I can guard the rest of the site pages for paying members. I coded it once before, but cannot recall how I did it.
There’s not much of coding required. You add the widget and that should do quite a bit.
Right. I figured the same thing. Do you know the widget I speak of? Is it possible that you can copy and paste it into this thread?
This is what I have, but the popup results in error
A static websiteThis guide covers a lot of it: Authenticate users with Netlify Identity | Netlify Docs and should help you get started.
I’ve checked it out (the link) and after some more coding with JavaScript am getting a better idea of what’s going on. From your experience, where the gotrue API asks to confirm and respond with emails, can we replace emails with “mobile numbers”?
Hi @MM6th,
While that might work (I have no idea if it really will and would be inclined to think it’s not possible), I’d strongly advise against it. The email is important for users to be able to reset their password or confirm the email in the first place. Thus, changing that would be a bad idea.
But doesn’t the same process apply with a phone number? A message gets sent telling you to click a link (I’ve yet to subscribe any members to my site yet)
Hi @MM6th,
The backend is not yet configured to send SMS messages. It can only send emails.
Understood. One again thanks a lot!
I installed yarn, and went to code the gotrue-js API but there are soooo many. It’s confusing. I chose the admin method which I’ll paste here:
document.querySelector(“form[name=‘login’]”).addEventListener(“submit”, e => {
e.preventDefault();
const form = e.target;
const { email, password } = form.elements;
auth
.login(email.value, password.value, true)
.then(response => {
const myAuthHeader = “Bearer " + response.token.access_token; //creates the bearer token
fetch(”/.netlify/functions/hello", {
headers: { Authorization: myAuthHeader },
credentials: “include”
})
.then(response => {
console.log({ response });
})
.catch(error => {…});
})
.catch(error => {…});
});
I have this coded below a custom register and flip login card. Will this handle registry and login?
Hi @MM6th,
Yes, this would do fine to login. Here’s a complete code including the import statement:
const loginForm = document.querySelector('form[name="login"]')
loginForm.addEventListener('submit', event => {
event.preventDefault()
const { email, password } = loginForm.elements
auth.login(email.value, password.value, true).then(response => {
fetch('/.netlify/functions/bar', {
headers: {
Authorization: "Bearer " + response.token.access_token
}
}).then(response => {
if (response.ok) {
return response.json()
} else {
throw response.status
}
}).then(data => {
console.log(data)
}).catch(error => {
console.log(error)
})
}).catch(error => {
console.log(error)
})
})
Inside the function, you’d have to set the user roles and return it back to the client.
Additionally, you could also use Netlify Identity Widget to handle a lot of this automatically.
Wow! Thanks! I tried but kept getting an error, so I customized a login and came to this. So , you’re saying assign the role and it will automate right? But I have to go live and do it. I can’t troubleshoot it from local host.
Hi @MM6th,
I’ll explain the flow how Role Based Access Control will work:
A user signs-up → they have no role set → they subscribe to a premium plan → you handle the payment and trigger a serverless function once they’ve successfully paid → upgrade their role in the function → return the user data with the updated role and send a cookie named nf_jwt → RBAC will match this cookie to redirect in the future.
Does this shed some light?
It sounds so encouraging, and I wish it did ring a bell but it doesn’t lol. I do know I can adjust my form for an initial sign up, and I do have a premium page where they have to pay in crypto. When you say return function is that regarding the return function in this code? I’ve coded a mean site but have never gotten this far
Oh, I am talking about the serverless function that you’d write to update the user role, like this one here:
You’d have to set the role in this function using one of the admin methods of GoTrueJS. Once it’s set, you’d have to return the user back to client. Here’s an example:
Taken from:
updatedUser is the object you’d get here: