Your new topic does not fit any of the above??? Check first. Then post here. Thanks.

Moderator: igrr

User avatar
By FRANCISCOGIMENO1000
#80835 Hello, I have a question, in a small server with 2 pages, the first being the login one.
How can a client be authenticated and when he disconnects he has to re-enter the password.

And if you put the route in the browser on page 2 do not access it if you have not gone through the access page.

Actually the login works correctly for me, but if I put the full path of page 2, it also serves me without any password.


For example:
Code: Select allwebServer.on ("/ loginconfig.php", [] ()
{
if (webServer.args ()> 0 && webServer.arg (0) == "password")
{
webServer.send (200, "text / html", PASSOK);
}
else
{
webServer.send (200, "text / html", ERRORPASS);
}



I have searched but I do not see anything clear or simple to implement.

Greetings and thank you
User avatar
By rudy
#80851 I am not that familiar with web security, but if I were to try something simple I would try this. Get the connection MAC address of the client on each request. After authentication provide the content. If the client is not authorized then supply a different content for whatever page it connects to. Or a redirect to the login screen.

A timer can also be used to keep track of the continued access. If the client does not access the server in a set time, then require them to log in again. (optional)