Volto add-on that reject unconditionnally anonymous users from a Volto site.
They should be redirected to a login form (customizable).
When login management is outside Plone, the first SSR page load is without login headers, so you have to refresh the page to have the proper tokens.
With this middleware, you can force SSR to make a fake call to a Plone view that simply make a redirect (and returns the auth tokens).
-
Get the latest Docker images
docker pull plone docker pull plone/volto -
Start Plone backend
docker run -d --name plone -p 8080:8080 -e SITE=Plone -e PROFILES="profile-plone.restapi:blocks" plone -
Start Volto frontend
docker run -it --rm -p 3000:3000 --link plone -e ADDONS="volto-middleware-rejectanonymous" plone/volto -
Go to http://localhost:3000
-
Make sure you have a Plone backend up-and-running at http://localhost:8080/Plone
-
Start Volto frontend
-
If you already have a volto project, just update
package.json:"addons": [ "volto-middleware-rejectanonymous" ], "dependencies": { "volto-middleware-rejectanonymous": "^0.1.0" }
-
If not, create one:
npm install -g yo @plone/generator-volto yo @plone/volto my-volto-project --addon volto-middleware-rejectanonymous cd my-volto-project
-
Install new add-ons and restart Volto:
yarn yarn start -
Go to http://localhost:3000
-
Happy editing!
This add-on can be enabled with an environment variable RAZZLE_REJECT_ANONYMOUS. It is disabled by default.
Default redirect url is /login but you can override it with RAZZLE_REJECT_ANONYMOUS_REDIRECT_URL environment variable.
See DEVELOP.md.
See LICENSE.md for details.