Make sections of your site (template) accessible to members only.
Create a template with a loginform and the processform tag. The form should at least provide username, password and action. e.g.:
{{ protectedpage_processform() }}
<!-- display error messages here, see below -->
<form class="loginform" method="post">
<input type=text name=username>
<input type=text name=password>
<input type=submit name=action value=login>
</form>
Decide what the uri should be for the login form (e.g. /members-login),
and in the extension config.yml set the redirect
variable to this uri.
Create a static route to the login template for this uri. (or make a page/entry for this uri that uses this template.)
Protect a template with the tag {{ protectedpage() }}
.
If a visitor is not logged in (or does not have an allowed role assigned),
the visitor will be redirected to the login page.
After login, the visitor will be redirected back to the original page.
In the extension config.yml set member_roles
to the roles that should
have access to protected pages. Member_roles is the default set, but you
can create custom sets of roles for different access levels, and pass
the set name to the extension: {{ protectedpage('custom_roles') }}
Next to the default Bolt roles as editor, chief_editor, etc.,
you can add to Bolt a member
role if needed.
Redirect
is the uri where the visitor is redirected to when visiting
a protected page, but is not logged in, or does not have a correct role.
Protected Pages uses app->users->login so any error and success messages are set in session flashMessages. You can copy/paste the content from Bolt, inside /app/view/_messages.twig and place them next to the loginform to display notices etc.
{% if app.session.flashBag.has('info') %}
<div class="alert alert-info">
<button class="close" data-dismiss="alert">×</button>
{% for msg in app.session.flashBag.get('info') %}
{{ msg|ymllink }}
{% endfor %}
</div>
{% endif %}
{% if app.session.flashBag.has('error') %}
<div class="alert alert-error">
<button class="close" data-dismiss="alert">×</button>
{% for msg in app.session.flashBag.get('error') %}
{{ msg|ymllink }}
{% endfor %}
</div>
{% endif %}
Hi, will you be making a PR out of this? Looks good to me, for starters.