openstatus.dev
Openstatus
www.openstatus.dev
fix: password protected feed route (#1553)
* chore: add docs
* fix: route search params
authored by
Maximilian Kaske
and committed by
GitHub
d2ca4923
bc078133
+12
-2
+6
-1
apps/docs/src/content/docs/reference/status-page.mdx
+6
-1
apps/docs/src/content/docs/reference/status-page.mdx
···
16
16
17
17
### Password
18
18
19
-
You can add a password for your status page.
19
+
You can add a password for your status page to protect a status page. If you are not authenticated, you will get redirected to the `/protected`.
20
+
21
+
The password is stored in plain text in a `cookie`, so keep the password easy and fun. You can share any page by appending the password via the `pw` search param like: `https://custom.stpg.dev/?pw=my-secret-password` and we will automatically authenticate the user. This can be useful to authenticate to private RSS feeds.
22
+
23
+
> If you need an email confirmed status page, e.g. by whitelisting domains for specific partners who would access the page with a magic link, please contact ping@openstatus.dev - we have that on our backlog and are happy to prioritze it.
24
+
20
25
21
26
### Favicon
22
27
+6
-1
apps/status-page/src/app/(status-page)/[domain]/(public)/feed/[type]/route.ts
+6
-1
apps/status-page/src/app/(status-page)/[domain]/(public)/feed/[type]/route.ts
···
25
25
trpc.page.getPageBySlug.queryOptions({ slug: domain }),
26
26
);
27
27
if (!page) return notFound();
28
-
if (page.passwordProtected) return unauthorized();
28
+
29
+
if (page.passwordProtected) {
30
+
const url = new URL(_request.url);
31
+
const password = url.searchParams.get("pw");
32
+
if (password !== page.password) return unauthorized();
33
+
}
29
34
30
35
const baseUrl = getBaseUrl({
31
36
slug: page.slug,