Hello - I need help with setting up role-based access control to my docs site. Can someone please help me out here…thanks! See below:
I use manual deploy to deploy my static html docs folder onto Netlify. I do not use GitHub or GitLab or any version control (we can get into reasons if we have to, but this is something to do with Python API docs builds).
I just bumped up my Netlify service to Business package to enable Role-based Access control.
I am not much of a programmer so I wanted to use Netlify Identity service. I enabled the Identity service on my site dashboard (as described here: Authenticate users with Netlify Identity | Netlify Docs).
However, the examples and docs on how to use Netlify Identity assume that Git is used. I don’t use Git. Looking at this Identity page: GitHub - netlify/netlify-identity-widget: A zero config, framework free Netlify Identity widget it appears that for my usecase of manual deploy of static html folder, I have to hand code in the Netlify identity service, is it true? Isn’t there any easier way I can do everything from the dashboard?
If the answer to above is, “yes you have to hand code in the Identity into your html code,” then I am wondering how do people do this? Do I put all the Identity logic in the “index.html” file? But my “index.html” is generated automatically by my static site generator and any prior versions are deleted. How do users work this out in this usecase?
Any help is greatly appreciated, thanks!
Update: So I found this blog post: Netlify: Develop & deploy the best web experiences in record time and following it am able to add code to my
index.html file and enable role-based access. There is one thing that I am not getting it:
- When I retain my normal content in the “index.html” file + add the below Identity code, I was expecting that it will not show the index page but only show the login/signup model and only after a successful login will it show the actual index.html. But it is showing the entire “index.html” contents along with a text line that says “Login with Netlify identity”. I am thinking maybe I am not doing something right here?
<div data-netlify-identity-button>Login with Netlify Identity</div>
- I guess my question boils down to this: after a user successfully logs in, how do I control where I first land this user, as soon as login is successful?
You can redirect a visitor to a specific page if they are not logged in (e.g.
/login) using redirects as in this documentation.
You can also bind actions to events (as listing in
@netlify/netlify-identity/widget README such as
netlifyIdentity.on('login', user => console.log('login', user));
netlifyIdentity.on('logout', () => console.log('Logged out'));
which you could use to redirect a visitor to a specific page.
I have a demonstration of this deployed to vigorous-mcnulty-55e26b.netlify.app. You can use demo credentials username:
ISbUnb3bXvLr to log in. This is a basic-user, so does not have access to the staff area and is thus shown and unauthorised page.
@coelmay, hey, thanks for the detailed reply. I will try what you said above and see if that helps me accomplish my goal. I will report back here. Thanks!
Great suggestions, @coelmay! @rk-statichtml, keep us posted if these steps work. If you still are encountering obstacles I will loop in a member of the Support team.
So I am making progress. I used @coelmay’s html code as a major clue and using the following:
const user = netlifyIdentity.currentUser();
netlifyIdentity.on('init', user => location.href = 'index.html');
However, sometimes I see the browser attempting to issue a flurry of requests and times out with Bad Request timeout or something such error. I am wondering if this has to do with some race condition. Does this have to do with
login? Where can I read the differences between them?
And now I have a question on how to assign the role to an Open signup. So here’s the thing: I kept the registration open and signed up as, say, user-1. My
_redirects text file looks like this:
/html/* 200! Role=level-0-customer,level-1-customer,level-2-customer
/html/* /index-not-logged-in.html 401!
user-1 logs in, she still cannot access the site. I have to do a second step of assigning a Role (assign one of the above roles) to this
user-1. This sort of makes sense, but that’s not a good user experience. I want to show the
user-1 some page on my site even before I go in and assign a Role to this user. I guess my question is, in the Open registration when a visitor signs up and logs in, what is the default Role assigned to this user and how can I control it?
I hope I am not violating a community etiquette by asking so many questions in one thread. I thought since all these are interrelated to a single workflow, this is okay. If not, please let me know a better way to ask these questions. I am almost there, just need to get this Roles thing properly understood. Thanks!
Yes. You’ll want this on the
login event, not
init. The difference is init
is when Netlify Identity is *initialised*,login` on a login event.
The default is no role at all
(RBAC is not available on lower plans though Identity is.)
[EDIT: RBAC is available on the free tier and higher. External providers and custom JWT setting are only available on higher plans.]
In order to set a role automatically when a user signs up, you would need to use the
identity-signup function. This requires building a function which means the site is no longer a drag-and-drop style static site. Check out this article about the various ways to set a role.