Comments (11)
It runs at localhost:4000/admin
from hexo-admin.
My current usage is in conjunction with a statically generated site, so the admin only runs locally, and I don't need password protection. If someone wants to implement some auth, I certainly wouldn't be opposed.
from hexo-admin.
+1
from hexo-admin.
What do you envision this looking like?
I see a few options.
The easiest is probably to have a hashed password entered as a config variable and then you input the password when you get to /admin, and the hashed version of the password is sent as token auth or something.
SHA3 for javascript is available here
from hexo-admin.
Storing strongly hashed password in config would be good enough and easy to implement I think.
Also, please consider adding admin path as another variable to config file. That shouldn't be hard and you'll get some security through obscurity.
from hexo-admin.
mmmm I'd hope that no one would rely on that... but yeah, easy to add.
PRs welcome :) if not I'll probably get to it in the next few weeks.
On Sat Jan 24 2015 at 2:47:11 AM Martin Janeček [email protected]
wrote:
Storing strongly hashed password in config would be good enough and easy
to implement I think.
Also, please consider adding admin path as another variable to config
file. That shouldn't be hard and you'll get some security through obscurity.—
Reply to this email directly or view it on GitHub
#13 (comment).
from hexo-admin.
I'd like to PR, but I'm PHP dev, not experienced in JS - consumer only, sorry :)
from hexo-admin.
+1 for login protection
from hexo-admin.
I've sent a pull request with base authentication. See, please
from hexo-admin.
Thanks to @yarax for getting this going! Password protection is now available in the just-published 0.3.0
version on npm. Let me know how it goes! Information on how to get it running is available in the Readme.
from hexo-admin.
Amazing ! Thx!
from hexo-admin.
Related Issues (20)
- bcrypt-nodejs is no longer actively mai ntained. Please use bcrypt or bcryptjs.
- 欧弟
- about del page and post
- 登陆密码忘了怎么找回
- How to delete a draft?
- support images rlative path
- Multiple Admins/Passwords possible?
- Error: Function yaml.safeLoad is removed in js-yaml 4. Use yaml.load instead, which is now safe by default. HOT 2
- Deploy cms to heroku
- How to change HTTP to HTTPS
- Advice: move this repo to hexojs official org
- Plugin can't load properly HOT 1
- 报错:Function yaml.safeLoad is removed in js-yaml 4. Use yaml.load instead, which is now safe by default. HOT 2
- 设置登录账户密码后无法编辑博客
- admin新增修改一直loading HOT 4
- How to support keywords just like tag and categories? HOT 1
- white screen HOT 3
- white screen
- add new post can't custom fontmatter
- After entering the password, there is no response when you click SUBMIT
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hexo-admin.