Protect your site or a section of your site from public viewing by requiring authentication.
CloudCannon has several authentication options:
Once a user is authenticated, they can log out at <your-domain>/logout
. You can provide a logout button on your authenticated pages with this link.
<a href="/logout">Log out</a>
CloudCannon sets a cookie when the user is authenticated. Use this to show the logout button for authenticated users on public pages, and hide it otherwise.
No sensitive authentication data is exposed through cookies.
The cookie is used to set a class on the body. The CSS will show the logout button with this class.
var isAuthenticated = document.cookie.indexOf("authenticated=true") >= 0;
if (isAuthenticated) {
document.body.className += " authenticated";
}
.logout {
display: none;
}
.authenticated .logout {
display: block;
}
<a href="/logout" class="logout">Log out</a>
Custom routes allow you to specify the routes you want to be authenticated and keep the rest public. By default, all routes are authenticated.
This feature is ideal for staff or special subscriber sections of your site.
To specify custom authenticated routes for your site:
auth-routes.txt
in the root folderCloudCannon supports wildcards, allowing you to specify child folders or multiple files.
In the following example, visitors will have to log in to access /internal-news.html
and anything inside /staff
. Everything else is public.
/internal-news.html
/staff/*
You can create your own custom branded pages for authentication. This is possible for Password and User Account authentication methods.
Each page is different, but the process is the same: