Security popup for each page if not same user

Hello. I am creating a website where users can have their own store. The data field for user is: Store ID=1234.

I want to display a popup on each store dashboard backend pages where, if the user store ID does not match the current store path URL, it will say “you are not the store owner of this account”

I plan also to make a popup for if the User Unique ID is not the account ID, to display another popup similar.

I know there are security rules I can setup, but thats as far as it goes? It would take quite a while to trigger a popup on page load on every single page. I have more than 80 pages. do I need to go to every single page and trigger an event to show the reusable popup on EVERY SINGLE PAGE? or can I create a universal trigger for all pages

popup are not a good way to hide or block unauthorized access, because any one who have a little bit knowledge of dev tool, and can prevent that popup to show and use you app.

what i suggest use a workflow condition on page load, with 300 redirect to check from server side if the current user is authorized to see the current data. redirect him to a 404 page or something.

and also use privacy rules to stop data leakage.

2 Likes

thanks heaps! good idea! will use a redirect. Is there anyway around having to do it on every page?

You would probably make a header or something as reusable, make that condition on that page level to check user authorization, just past that reusable to every page.

1 Like

hmmm okay cool good idea! will implement inside the header :slight_smile:

This topic was automatically closed after 70 days. New replies are no longer allowed.