My app has public pages that are accessible via unique URL, with no authentication required.
On some of these pages, I want to put links to resources (either files or links to external sites) which should be private and not possible to open until a correct password is entered.
The flow should be:
- user clicks on password-protected resource
- popup asks for password
- If password entered matches the resource’s password, then immediately open the resource in a new tab (it is either a link to an external site, or a file)
- If password entered does not match the resources’s password, display a message (‘password incorrect’) and do not open the resource in a new tab.
The resource needs to have privacy rules set up so that it cannot be accessed until the current user entered the correct password. Security is important in this case.
Any ideas on how to achieve this would be great!