How can client side JavaScript send a user id/password to an Apache server so that a folder protected by .htpasswd is unlocked?

◇◆丶佛笑我妖孽 提交于 2021-01-07 02:35:37

问题


I would like to give access to files in a folder to users that login to a web app that I made.

The users login by entering an ID and a password that is checked against a database that is accessible using an API.

Once they are authenticated they can use the web app but I would also like to give them access to files in a folder on the web server. The web server is running Apache and is separate from the API server.

I would rather not build a server side password authentication app but instead give access to files on the web server using .htaccess and .htpasswd.

Using .htpasswd access is appealing because it avoids the need to write Apache server side authentication code in PHP or whatever. I'd also like to not have to maintain an additional list of users and their passwords in the .htpasswd file.

Instead I'd have one user id/password in the .htpasswd file that would be secret, i.e. unknown to users of the site. If a user successfully authenticates through the database API I'd unlock the folder by passing that one .htpasswd ID and password to the Apache server.

How I see this working is similar to what is described in this link. Except that instead of receiving JSON I want to make the content of a folder available to the user. From the user's point of view they would see a list of all the files as URLs on my App's page.

来源:https://stackoverflow.com/questions/65225037/how-can-client-side-javascript-send-a-user-id-password-to-an-apache-server-so-th

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!