Description
Feature request
What problem does this feature solve?
In some cases, people would want to use Vuepress for private websites (e.g. private docs for company, half-public-private blog with partially private routing).
Currently, Vuepress does not say anything about Authentication (In contrast to deployment, for example).
On the Internet, I found some people implemented auth behavior directly and solely on Vuepress, without anything else.
For example, I found an article Add Authentication and Personalization to VuePress. This describes how to add auth with Okta.
I saw some other folks use navigation guard on .vuepress/enhanceApp.js(or theme's enhanceApp.js).
export default ({
Vue, options, router, siteData
}) => {
router.beforeEach(async (to, from, next) => {
// <do some authorization >
});
};There's even a plugin like InCuca/vuepress-pass.
However, Vuepress is purely static client-side website, which cannot handle authorization by itself.
So those articles all misunderstood security, or just describe client-side approach which has to combined with server-side setting.
So, in my opinion, it'd be good for official docs to have auth guide.
What does the proposal look like?
Adding some authentication tutorials. Though Vuepress is not responsible for it, it'll be helpful to some people.
For example,
- How to configure popular reverse proxies with Vuepress.
- How to host Vuepress privately on object storage (.e.g AWS S3, Google Cloud Storage), and limit access by serverless function.
- How to handle route-level authorization.
- How to integrate with Auth Providers (e.g. Cognito, Firebase, Auth0, Okta Vue Component)
- How to add a login/logout button on the navigation (e.g. guide to create component and import on navbar, or maybe providing an option out-of-the-box on default theme?).
Are you willing to work on this yourself?
Not sure right now. But I definitly would contribute if possible.