Simple Password Protected Pages Documentation

This document covers usage details of the Simple Password Protected Pages package. This package provides a basic mechanism for securing a page with a username and password. Marketpath CMS Profiles are used as the authentication mechanism.

Requirements

Plan Plus
Marketpath Site Standard MPSS1
UI Framework none

Overview

With this package you can password protect any page on your site and require users to login with their site profiles. ANY authenticated site profile can access pages secured with the _protected.liquid template.

Learn more about profiles in the Marketpath CMS Profiles Training Course.

This package includes the following two templates:

login.liquid - a page template that displays a login form and handles logout actions when "?logout=true" is passed. Also handles redirects if passed as a query parameter.

_protected.liquid - a partial template to be included in the header, if you want the entire site secured, or in other page templates you want to be secured.

Please note - pages using either of these templates will not utilize the Fast Cache feature because content may vary based on the login state of a visitor.

login.liquid

This page template provides:

  • a framework-agnostic login form
  • authentication logic using any active Marketpath CMS Profile
  • a logout mechanism

It is limited to Article entity types and adheres to the MPSS1 standard. It requires the "_header" and "_footer" partial templates. However, if there is no "_header" or "_footer" template it will load a basic HTML header and footer.

The template is fairly straightforward and easily copied to include better styling and framework-specific form classes (e.g. Bootstrap forms).

LOGIN

This is a POST operation and handled accordingly.

LOGOUT

This is a GET operation because it passes the query string parameter "logout=true".

 

_protected.liquid

This partial template will be included in the header template of a site if you want all pages of the site to be password protected. This assumes that all Page templates include the header template.

You may also include this in an individual page template if you want to only secure pages using that template.

Variables:

login_url: (required) the url to redirect the user to if they are not currently logged in

logout_url: (optional) a global variable to be used for the logout URL destination. This is not passed into the template

Global Variables:

The variables below are set and available for use globally after this template is loaded.

ppp_login_url: the login_url passed to the template

ppp_logout_url: the logout_url passed to the template, or the auto generated logout url if none was passed

If no logout_url is passed to the template, ppp_logout_url will be set to the login_url + "?logout=true".

Example:

https://www.mydomain.com/site-login?logout=true

Include in header (all pages)

Show Full

<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="utf-8">
    {%- include "/marketpath/profiles/ppp/_protected.liquid"
        login_url:"/login" -%}
</head>
<body>
Include in page template

Show Full

{%- include "_header" -%}
{%- include "/marketpath/profiles/ppp/_protected.liquid"
        login_url:"/login" -%}

<section>
    ...
</section>

{%- include "_footer" -%}