You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Custom controller security

Received Response
15
Views
4
Comments
edited Mar 1, 2018 9:47PM in Customer Portal 4 comments

Content

Hi all,

I've developed a custom controller, and I want this to only be accessible from the web site, not if someone accesses it from outside via postman or ajax for example.

I've looked into the framework and found a createToken function that I was thinking could be useful, but am not sure exactly how I would implement it. My thoughts are that set the token when the customer loads the web page, set it in the session on the server, then read the token from the form submission on the page later to check the customer had one. 

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!