Streaming live at 10am (PST)

Detect previous sign-in on non-protected pages?


#1

Hi there, I've got a folder password protected. I want to detect on another non-protected page whether a user did sign into the protected section. Is this possible?

I notice that a cookie named wf_auth_page is placed once a user has signed in. I can see this in Chrome Developer Tools under Storage > Cookies. But I can only see it there when I'm on a protected page. When I go on a non-protected page The cookie doesn't show up in the same place.

However, going to the Chrome Preferences > Content Settings > Cookies shows that the browser does have wf_auth_page.

I've tried using if (document.cookie.indexOf('wf_auth_page') === -1 ) in order to detect the presence of the cookie on a non-protected page, but that didn't seem to work.

Any suggestions would be welcome. Many thanks.


#2

This is best answered by @bart @cyberdave @brryant


#3

Hope this helps :wink: In general, if a cookie does not exist, the document.cookie.indexOf() will return -1. So in order to check if a cookie exist, your code might check for the value being higher than -1.

// Existing cookie
document.cookie.indexOf("existing-cookie") > -1 // true

// Non-existing cookie
document.cookie.indexOf("non-existing-cookie") > -1 // false

Cheers,
Bart


#4

Oh, also wf_auth_page only exist on the protected page. You might want to have a code that stores a specific value in localStorage instead.

// set value
localStorage.setItem('something', 'else')

// get value
localStorage.getItem('something') // else

#5

Thanks, Bart, for the explanations.

Just one question back: I thought if a cookie is placed when visiting a site it would be there to play with throughtout the site. From what you say this isn't the case here. Is this how cookies work in general, or could it also work the way I thought it did (ie. that WF places a cookie that's available on otherpages)?


#6

Specifically, the LOGIN cookie is placed/set only when the user passes login verification on the login form successfully.

If the user has not logged in, that specific cookie is not set, and thus this is how you can use the presence of the cookie to see if the user has signed in or not.


#7

Well, this is clear – but what I thought the coookie would then be the case is that the cookie was than available thoughout the rest of the site. Hence, I have the question I've asked in my last post:

I thought if a cookie is placed when visiting a site it would be there to play with throughtout the site. From what you say this isn't the case here. Is this how cookies work in general, or could it also work the way I thought it did (ie. that WF places a cookie that's available on otherpages)?