I am developing a login page, and I want to stop a user from accessing the user dashboard without first authenticating website.com > website.com/dashboard.html. When looking this question up, I found How to prevent a user from directly accessing my html page by writing URL?. The answer uses PHP, but my authentication system uses JavaScript to check whether the password is valid or not. However, JavaScript cannot be used along with PHP in a JS file. I have considered using PHP, but in order to use them together, I have to include my JS code in the webpage, which I don't want. How can this be achieved?
CodePudding user response:
You can use sessionStorage to check if a user is logged in or not.
Set sessionStorage in the Login page and check it on the dashboard, if a session is not available redirect to the login page.
You can set a new key every time the user logs in for the session and check using API to avoid the same session value.
// Store
SessionStorage.setItem("lastname", "Smith");
// Retrieve
document.getElementById("result").innerHTML = SessionStorage.getItem("lastname");
CodePudding user response:
What do you mean by preventing? Do you mean declining access to said site? Please send your entire page source so I can get a better understanding