I have an app for a client which was built to allow all users access to all pages after the initial sign-in. The client now wants external users to access the system without the ability to update records. Is this just a case of limiting which users can access the update pages? Is there anything that I need to be aware of?
In theory yes that it all you need to do … add a layer of login pages before all pages that can update. Then remove the primary login requirement.
But.
I recommend you copy your app and test it first to get the process right.
If you take this approach, then any link to those update pages will generate a login page, so that’s not ideal. Meaning you may need to put effort into hiding links and buttons that will cause this. Like for example duplicating a bunch of pages and removing all the update links.
And be aware that if you have any pages that filter views by logged in account they will no longer work once you take away the login requirement.
If those shortcomings are going to cause you grief then an alternative to consider is to create a simple shared login that you publish the details on the login page for the public to use …
Technically you could even add an extra button called “Public Login” to the login page with some JavaScript that auto-fills the login fiels with your shared login credentials and clicks the login button. Chatgpt can probably help you work out that process. I’m sure some javascript guru on here could probably assist too.
Doing that will of course then require you to introduce rules to discriminate between an authenticated company user versus a public user.
Thanks Leigh for your response.
I just edited it so you may wish to reread … a few more details …
Keith
I had a play with adding a “Login as a Visitor” button to Knack login page. Simple. Just create a visitor account, and then update javascript with the view of your home login page, and the email and password of your visitor login, and its done. Will look something like this - adjust the instruction to suit …
Then change your app to use ROLES, and restrict the update pages to an EMPLOYEE role versus a VISITOR role. etc…
$(document).on('knack-view-render.view_16', function(event, view, data) {
// HTML for instruction and visitor login button inside a styled box
const visitorLoginHTML = `
<div style="margin-top: 60px; padding: 20px; border: 2px solid #ccc; border-radius: 12px; background-color: #f9f9f9; text-align: center; max-width: 400px; margin-left: auto; margin-right: auto;">
<p style="font-weight: bold; margin-bottom: 20px;">If you are a visitor, please click the button below to log in</p>
<button id="visitor-login-button" style="background-color: #e60000; color: white; padding: 10px 20px; border: none; border-radius: 6px; font-size: 16px; cursor: pointer;">
Log in as Visitor
</button>
</div>
`;
// Append the styled box to the login form
$('#view_16 .kn-login-form').append(visitorLoginHTML);
// Click handler to autofill and submit the form
$('#visitor-login-button').on('click', function() {
$('#email').val('visitor@company.com');
$('#password').val('PASS1234!');
$('#view_16 .kn-login-form form').submit();
});
});
2 Likes
I’m not a coder so the thought of implementing this would worry me. In the end I remembered that @CarlHolmes created a video that used page rules to allow or disallow access to pages depending of the user role. I am now waiting on confirmation from my client that this is working as they requested. Thanks again for your input.
1 Like
@Keith6 - I’m glad that one of my videos helped you find a potential solution 
I watch your videos not knowing if I will use whatever you are talking about or not just on the off chance. Looks like it paid off this time. Keep up with the videos.
1 Like
@Keith6 - I appreciate your comment.
I do enjoy creating the videos, however, it’s often a challenge finding the time between work and home life 
It’s good to know that in a small way I may be helping others. 