You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So, consider a scenario where the server template has some logic like this
ifuser.isAdmin()
h1 Welcome Back Admin
else
h1 Hey, Your not an admin
asset-rack exposes this logic to the user.
If you use asset-rack to compile all your jade templates anyone can see the admin templates. Weather you put logic in your template or not its still a privacy issue. I don't want to render my admin templates to any unauthorized users.
So, could we implement the ability to add middleware to the requests before the asset is served so they can be protected by user sessions?
I would be happy to contribute to this if anyone else see's this as a useful feature.
It should be simple enough to follow standard middleware procedure.
So, consider a scenario where the server template has some logic like this
asset-rack exposes this logic to the user.
If you use asset-rack to compile all your jade templates anyone can see the admin templates. Weather you put logic in your template or not its still a privacy issue. I don't want to render my admin templates to any unauthorized users.
So, could we implement the ability to add middleware to the requests before the asset is served so they can be protected by user sessions?
I would be happy to contribute to this if anyone else see's this as a useful feature.
It should be simple enough to follow standard middleware procedure.
Is there already a way of doing something similar from outside of asset-rack
The text was updated successfully, but these errors were encountered: