How to gate all content in website to Netlify Identity member?

@hrishikesh removed; as you can see it no longer reloads the page; but the same problem still occurs if you reload manually.

If a user is authenticated then the gated content should be shown regardless of how the page is reloaded.

That’s true. It should and it does work as you could see in my test. Which is why I’m trying to debug this and that would need me to be remove everything and put it back one-by-one to see what causes the problem.

If you can instead share your code directly, I can do all the tests myself and revert with the final answer. I could manually scrape all your pages and download them, but it could be easier if you could share it yourself.

I have sent you a link to a ZIP file in a DM.

The strange thing is you can’t even cache bust on reload by introducing a query param (i.e. ?t=234234).

Thanks for sharing. I’ll check it and let you know.

Hi @kruncher,

So, I’ve tested some stuff, but before I draw any conclusions, let me know if you notice the same behaviour.

Now my setup is almost same as yours. So, when I sign up as a new user (the new user won’t have any role), I face the redirect loop. However, if I sign out, assign the new user the role member and login, it works fine.

Can you please try to see if you get the same results with this repo: https://github.com/Hrishikesh-K/identity2/? You could manually deploy it as a different website.

@hrishikesh I have switched to the _redirects file that you are using. The role is (and always was) on the account before attempting to login; and Netlify is still serving the login page even after gated content should be permitted. I am experiencing the same issue with your repository as well.

Hi @kruncher ,

I’m sorry, I just can’t reproduce this. After setting the role, the website works absolutely fine. I’ve deployed that repo from above here: https://kind-darwin-f9963c.netlify.app/.

If you sign up as a new user (you can use a random email address, autoconfirm is enabled), you can see it going in a redirect loop like you mention. But if you login as:

Email: test@test.com
Password: test

(this user has the role set), the website works as expected. Note, homepage shows 404 as there’s no index.html.

@hrishikesh the test users on our site have the correct role and, as you have seen, do not show the gated content immediately upon signing in even with the same _redirects file as from your repository. It’s a very empty project.

If I go to /en/test/ and login it doesn’t show the gated content at /en/test/ it continues to show the login page. If I navigate to /en/ it does show gated content immediately. /en/test/ continues to show the login page for quite some time despite the user being logged in and having the correct role.

@hrishikesh if I login to /test/ and then refresh it still shows the login page for a while… but if I navigate to /test (removing the trailing slash) after having logged into /test/ the gated content shows immediately. The same is true if I login to /test and then navigate to /test/ (it works on /test/ after logging in on /test). There is definitely an issue here.

I tried as you suggested:

…but I really can’t reproduce it.

I’m not denying that the problem might exist, it might, and if it does I’d like to see it so that the developer team can possibly fix it. But, nothing I do seems to reproduce this.

1 Like

@hrishikesh Here is a behind-the-scenes of how it isn’t working for me: https://drive.google.com/file/d/1ItDQZMKP8CyjleH8kC1CwK2w5cjU_FV4/view?usp=sharing

Hi @kruncher,

That’s really strange. For the sake of testing, would you try creating a new website and see if you can reproduce the behaviour there too? I’m trying to narrow down on the problem, but nothing seems to point out what could be causing it.

hi @hrishikesh

This is the same issue I used to face, this is nothing new. I had also raised this concern in my thread. I run an internal knowledge base for my company and I faced this issue. Do check out my repo GitHub - sachinsancheti1/netlify-identity-redirect-check: Checking the Netlify RBAC function and if the redirects are working correctly through login and logouts on which I demonstrated the same.

Hi @sachinsancheti1,

Thank you for sharing this. I’m again unable to reproduce the problem in your repo too. I logged it, refreshed the page and it worked normally. So, I think I’m hitting a dead end as to I can’t seem to find what’s causing the issue for the many people in that other thread. I logged out, I refreshed and got the access denied page. Do note that, I had not read the other thread before, so my first instinct was to remove the duplicate redirect rule that you had. You say it works better with that, but personally, I don’t think that could have made any difference.

With that being said, I’ll do try to get someone else too on this thread so that we can check what might be happening. I was hoping I could reproduce it myself so I could provide the developers like a complete and thorough report, but I am just not able to reproduce it for some reason.

Could you by any chances share a request ID of the event when this happens?

Have you found anything out about this?

Hi @kruncher,

Yes, sorry I forgot to update the thread. While the website I deployed didn’t face the problem, I was able to see the issue in the one you shared in the PM. Refreshing the page still shows the logged out page and when I checked in the logs, it was a page returned from cache. After some time I refreshed again and the page showed the correct contents and when I checked the logs for that, that page was indeed returned from uncached node.

So, I retested this and when I got the error again, I manually purged the cache from our CDNs and refreshed the page and it worked fine again. Thank you for reporting this error. I’m still not sure why the error doesn’t happen with all and only a few people who have reported in this and the other thread. Thus, reproducing and testing this took time.

I’ve filed an internal issue to track this, however I can’t say as to when this will be resolved.

Also @kruncher, it would be very helpful if you keep the URL and the account that you sent me alive so we can keep testing it as creating another environment to reproduce this (like I was trying), might not help.

hi @hrishikesh I can give you access to one of my sites, please let me know how to PM you on this for you to see what I am facing.

Hi @sachinsancheti1,

PMs should already be enabled for your account. You could click on my username and message me from there.