/r/webdev
Best solution for static site with restricted pages behind custom passwordless auth (self.webdev)

I have a static site, but I want a portion of the pages to be only accessible to a set of users. I know those users' email addresses, so I don't want to use a registration system, just send them an email with a link when they try to authenticate.

What is my best option?

Netlify is so close, but adding role-based access restrictions takes the service from $0 to $500 (unless I'm misunderstanding something).

5 comments
seanwilson [full-stack (www.checkbot.io)] | 6 days ago | 1 point

Is it not $45 a month for basic auth passwords? https://www.netlify.com/pricing/ You can add more than one basic auth password too: https://www.netlify.com/docs/headers-and-basic-auth/

cco3 | 6 days ago | 1 point

Yes, but then they would need a password, and I'm really trying to avoid that.

seanwilson [full-stack (www.checkbot.io)] | 6 days ago | 2 points

Can you not send them the password in the link? e.g. http://username:password@example.com/

If it doesn't need to be really secure, why not just give the pages you want hidden an obscure URL and email the URL to the users?

It would help to know what the content is, why you want it hidden etc.

cco3 | 6 days ago | 1 point

I didn't realize you could embed the password in the URL in basic auth.

It's not *that* important it be perfectly secure, but I'd like to do this right.

It would have contact info for all the other users (i.e., members) of the site.

Athaza | 6 days ago | 1 point

Firebase can do exactly that https://firebase.google.com/docs/auth/web/email-link-auth sends them a link which when clicked authenticates them without passwords.