Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow EteServer User Signup Through My Frontend Application only, disallow publicly. #154

Open
SHoward-A opened this issue Oct 10, 2022 · 2 comments

Comments

@SHoward-A
Copy link

I want to allow signup users in eteserver, but I do not want anyone else to allow this (I mean do not publicly allow, except my front end application ).
What I have in mind is that I will create new custom sign up API, and use some signature to make sure request is coming from my front end application. After that verification, I want to signup user, I am not sure how to do this, I tried to explore etebase python sdk so that I can replicate functionality from there, but no luck.

Can anyone please guide, how I can achieve this thing. Thanks in advance -:)

@smac89
Copy link

smac89 commented Sep 20, 2023

Use a proxy and only allow the client's IP address. You can also use a cookie which is set by your proxy, then block all attempts to signup, which do not include this cookie. All of this can be done with Nginx

@tasn
Copy link
Member

tasn commented Sep 20, 2023

At the end of the day though, it's fragile, as it trusts the user agent. There really isn't a way to do it other than playing cat-and-mouse games with people trying to circumvent it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants