Forum Academy Marketplace Showcase Pricing Features

Limit page access without logging user in

Hello all! I’m trying to set up a page on my site where visitors can’t access it unless they’ve been ‘verified’ first; however, my users never log in. The way I have it set up now, visitors have to do a phone verification to navigate to a certain page on my site. However, technically, they could just go straight to that URL and bypass the verification. Is there some sort of ‘session token’ I could create, where a page can only be accessed if my Bubble app can find the token-- otherwise it’ll redirect them back to the phone verification? I hope I’ve been clear enough about what I’m trying to accomplish. Thank you in advance for any help you all can provide!

Sure! You could do this by setting a cookie

Create a “thing” called checkeR

After registration, set a cookie that indicates registered. Now create a new thing and , go on to the next screen but send page parameters containing the uniqueID from the result of step 1

Then on the next page, keep all groups hidden on page load and add the workflow action

On page load if do a search for checkR with a constraint of uniqueID= (Grab the parameter from the url you passed along) :count =1

— show groups

If not, redirect

1 Like

Hey, thanks for the swift response! However, your reply challenged me to think about this a different way and I found a much more streamlined solution.

I created a new field under the User data type called “verified” with a yes/no pre set to ‘no’. When a user goes through the Twilio phone verification and is approved, I make a change to ‘Current User’ and switch the “verified” field for the Current User to ‘yes’. I then set the restricted page to only load if Current User “Verified” is 'yes". Otherwise it redirects them to the page with the phone verification. So now if anyone tries to access the page directly there’s no cookie to attach them to the User data type.

1 Like