How can I restrict requests access to my files? I want authorization to be passed in the headers of the requests, and if it’s correct, then you can see the JSON file.
Kind of like how discord handles its requests.
The simplest technique I know would be http digest authentication using the http-auth module - here is an example.
You first use the htdigest command on the command line to create a .data/users.htdigest file that has (hashed) usernames and passwords in it, and then you use auth.connect(digest) as an express middleware to say that certain routes should be protected by that file. When you point your browser to that route, and it bounces off, your browser will generally respond to the initial failure to access the file by popping up a username and password box, and if that gets in, your browser will remember that username and password.
More broadly, there’s a lot of ways to do auth, and in the Node and Express ecosystem, whatever you want to do can probably look like a Passport module; http-auth can be used directly with Express like in my example, but it can also be used with Passport.
Hope this helps,
Johnicholas
Can I do it without any express or anything like that? All I have is one json file that I want to restrict access on.
I think the answer is no, you cannot do it without any express or server-side stuff - since the one-public-file Glitch project is so simple, almost anything that you want to do will be more complicated. The very first step towards more complicated (on Glitch) is going to be ~hello-express; there isn’t going to be an in-between step where passwords work, but express isn’t installed.
I cut down ~courageous-ox to make ~bustling-cloth, an example of a one-secret-file project (hint: the username is “hello” and the password is something similar to “globe”) for you.
Hope this helps,
Johnicholas