A simple module used to password protect your pages or your entire website.
Please beaware that this module is no longer actively maintained. It will continue to be available, but not for new Nuxt features at this time.
- Require a password to access a page
- Require a password to access the entire website
- Full control over the password page
Your passwords can be stored as an environment variable or hardcoded in your source files.
To setup the nuxt-password-protect, ensure you add the module in your nuxt.config.js file.
module.exports = {
modules: ['nuxt-password-protect']
}
Module initialisation in nuxt.config.js
module.exports = {
modules: ['nuxt-password-protect'],
passwordProtect: {
enabled: true,
formPath: '/password',
password: 'hello-world',
tokenSeed: 101010,
queryString: '_pw',
cookieName: '_password',
cookie: {
prefix: '',
expires: 5
},
ignoredPaths: ['/public-page']
}
}
With the options you can define the basics of your website protection.
You can also enable or disable the protection using the option enabled, this could be a nice way to protect your website depending on the environment is has been deployed too.
export default {
name: 'MyComponent',
middleware: ['password-protect']
}
Add the middle ware to your nuxt configuration file
module.exports = {
router: {
middleware: ['password-protect']
}
}
To allow specific pages to be accessible without password protection, add the page's full path ($route.fullPath) to the ignoredPaths option.
We provide three methods you can use on your password form page, these will either add or remove authorisation or check if a user is authorised.
You can access these methods using the context of your vue component.
this.$passwordProtect.authorise(password)
This method will create a cookie with a unique cookie if the user has entered the correct password.
this.$passwordProtect.isAuthorised()
Is the user authorised to view this content, this will return a boolean depending.
this.$passwordProtect.removeAuthorisation()
Removes the users authorisation.
We also support granting authorisation using a querystring, by default the query string is _pw.
So to attempt to authorise you can do https://mywebsite.com?_pw=password
The query string can be changed by the protect password options in your nuxt config file.
If your website supports i18n routes, you can register a callback to handle the redirect logic.
An example can be seen in the plugins folder in the example Nuxt app in this repository.
To apply the callback, create a new Nuxt plugin with the following code:
export default function({ $passwordProtect, route, app, redirect }) {
$passwordProtect.registerRedirectCallback(opts => {
const localePath = app.localePath('password')
if (route.path === localePath) {
return
}
redirect(localePath, { previousPath: route.fullPath })
})
}In the case above we are handling a redirect to a localised path to show the password form.
Please also ensure you handle the path if you have password protection enabled for your entire website.
The form path is used as a fallback if a callback is not registered.
The redirect callback has access to the password protect options, incase you need it, and you should be able to access the context of the application like any normal Nuxt plugin.
You can see an example of the module at this website, https://nuxt-password-protect.netlify.com/
This code can be found in this repository at ./examples/demo.