Web User Authentication
What is Web User Authentication?
If you want to protect your DataPages from unauthorized use, you can apply password protection. Protected DataPages require users to verify their identity before they gain access. This process is called Web User Authentication. When a user first sees an authenticated DataPage, the DataPage will appear as a login screen. To proceed, the user must provide identity verification information such as a username and a password. If the information is verified, Caspio Bridge will create a user session remembering the end-user's identity until they log out or the session expires. Caspio Bridge uses table records to store Authentication information. Therefore, because there is no limit to table size, Caspio Bridge allows for unlimited, user profiles.
Steps to prepare for Authentication:
1. Create your DataPages normally
In order to use Authentication you will need at least one DataPage to password protect. Password protection can be added and removed easily, so you can use any previously created DataPage for testing purposes.
2. Choose a table as your Authentication data source
Any valid table can serve as an Authentication table. This table contains the information to be used in the authentication process. Each record contains the user profile data for a single user. The most basic authentication table consists of one field for a username and one for a password. If you have user profile data already stored in another table you can add a username and a password field in the table Design view. It is also recommended that you include an email field so you can make a Password Recovery DataPage later if needed.
3. In the DataPage section create a new folder
Caspio Bridge authenticates by folder. Once a folder has been authenticated, every DataPage that is moved into this folder will be protected using the same authentication table and settings. This means that your users will only have to login once and they will be granted access to every DataPage in that folder. DataPages contained in other authenticated folders, by default, will require an additional login. Create a folder by clicking on the New Folder button. Then name your new folder.
4. Move a DataPage into your new folder
Select the DataPage you’d like to authenticate and click on the Move button. This will bring up a directory window showing the Root folder and all of the other folders currently in your account. Select the folder you are going to authenticate and click Okay. You can also make a new folder directly from inside the Move button window.
Steps to setup Authentication:
1. Start the Authentication wizard
You can Authenticate an entire folder by selecting it from the Root directory or from within the folder itself. Click on the Authentication button to begin the Authentication wizard. The Authentication button has an ID badge icon and is located immediately to the left of the New Folder button.
2. Enable authentication and select your authentication table
In the first screen of the Authentication wizard click the "Enable Authentication" checkbox. The first dropdown allows you to select your Authentication table. Again, this is the table that contains the user profile data that will be used during the verification process (i.e. username, password, etc.).
3. Choose Express or Custom Authentication
Express Authentication allows you to verify user identity using standard username and password fields. Select your table’s corresponding fields in the two dropdowns in the center of the first screen. The username field must be set to Unique in your Authentication Table. Press Finish and the Authentication setup process is complete.
The Custom Authentication option lets you select which fields will be used for Authentication and how they are displayed. It also gives you access to other customization options.
Custom Authentication Setup Process:
1. Select Fields
Select the fields that will be used to Authenticate user identity by clicking the arrow button to move them from the left panel to the panel on the right.
2. Configure Fields and Add Password Reset Link
Configure your field’s label and properties so they match the desired display. You can make fields case sensitive by clicking “Enforce Case Sensitivity.” You can also hide user input by clicking “Show as Password (****).”
In addition, you can add a "Forgot Password?" link in the login form. Simply insert a Header/Footer and create the link in the footer as:
<a href=”URL”>Forgot Password?</a>
Replace the URL with the direct URL of your Password Reset DataPage or the web address of the webpage where you have embedded your Password Reset DataPage.
3. Customize the login failure message
You can customize the failure message using HTML. This way you can direct users to a registration page or just alter the default wording to better match your website.
4. Logout
The final page of the Custom Authentication Wizard defines the destination after logout. By default, after logging out the Authenticated DataPages will be redisplayed as a login screens. You can change this to redirect users back to a specific webpage URL or even direct them to another DataPage such as an exit interview Web Form.
Summary
Authentication is a great way to quickly add security to your apps. When you authenticate a folder in Caspio Bridge, all of the contained DataPages will be password protected. You have many customization options available to you when setting up a login screen. You can also choose the Express option for fast, secure password protection.
I can't believe how easy this is! Thank you Caspio developers! I also am glad I have some background working with MS Access. This gave me a head start in learning Caspio's program.