security update #88

Open
6 tasks
gubuntu opened this issue Feb 4, 2025 · 1 comment
gubuntu commented Feb 4, 2025

Following on from #77

SAGTA has picked up that people are bypassing the current system, possibly by sharing credentials or some other way. Many non-members seem to be downloading maps. Or it's not correctly checking whether they are paid up?

SAGTA would like security to be enhanced and at the same time remove the two downloads for non-paid-up users.

  • only paid-up SAGTA members to access the downloader
  • No download limit for paid users?
  • improve messaging and UX on map login page (maps.sagta.org.za). It is blank if you are not logged in.
    • Highlight the SAGTA login control
    • add a big message pointing to it and explaining that you have to be a SAGTA member to access it, with a link to the SAGTA signup page

Gordon - on sagta.org.za

  • hide downloader link if not logged in?

Coordinate with the migration of the downloader from Hetzner/Rancher to DO/k8s and consider SSO.

Coordinate with @GordonFleming who hosts the sagta.org.za website where members are maintained.

@dimasciput please propose a solution here and size it.

gubuntu commented Feb 5, 2025

@GordonFleming changed the behaviour on the main SAGTA site so users can't click through to the map URL from there unless they've paid.

But anyone who knows the map URL can still go directly there. So we need at least to have the landing page message as above.
