I am trying to implement custom security for my website outside of the implemented Wix roles/permissions. The reason I want my own is because I created my own members database and want to be able to assign permission levels within this database. I have a secondary database for access roles with permission levels. Right now, when an admin page is loaded, my code calls a backend function that then checks if the user has the correct permission levels, which works just fine. Also, in case of a malicious user changing the front-end code to no longer check for access, all database calls are checked in the backend for permissions as well. My main problem is getting a page to stop loading for someone who doesn’t have access. I tried running a wix.location.tourl() function as soon as the user's authenticity is known, but this call takes too long and the page is already presenting itself to the user (it’s not showing anything important, I just don’t want it to show anything at all). I have also tried immediately presenting a lightbox, but this does not load in time either. Is there any way that I can check from my own database to know the user isn’t allowed in a location and redirect them or stop loading the current page before any GUI is presented?
Thank you for your time,
Logan
There is a method posted at the end of this thread that may be of use to you.
Using routers is much more efficient for redirecting the users to the appropriate pages. See this example:
Stripe Payment Processing
Integrate the Stripe Payment processing system into a site. Three levels of user access are demonstrated: visitor, freemium (registered), and premium (paid).
Thank you both! I believe you’re both referring to the same thing, but yes, I was able to implement security to prevent people from accessing pages using routers. This was my first opportunity working with routers but I’ve got the hang of it now. Would it still be best practice to check for permissions on every backend function call as well? Basically, could a malicious user still find a way to call my specific backend functions from a different page? I just don’t want to continue to slow down pages if I’m constantly checking for permissions, but it’s worth it if it’s necessary.
Thanks for the help!
The routers basically take care of the permission checking. Other calls often don’t need to check, and in fact, often suppress the authorization (see WixDataOptions). Backend code can do that since it’s the “boss”.
You can review the article Wix Code: Security Considerations for further insights.
Right, I use suppressAuth, but that’s for Wix's built-in permissions. I am talking more about client-side code that calls backend code. If I create jsw files that are made to be called from front-end pages that are protected by my own router permissions, should I still, before I run my backend code, run my permissions again to make sure that a user didn’t inject a function call on a non-router-protected page, or does Wix already provide protection against code manipulation?
As long as you conceal sensitive information (user ids, credentials, payment info) in the back end and do not allow them to “appear” in the front end, you should be OK. That’s why some of the APIs have backend versions so that when needed, sensitive information can be retrieved (and concealed) in the backend.
Maybe I should describe my situation better. On my site, I have an administrative section to be able to retrieve any and all data from my databases in order to provide support and change information as needed. This information does not include data like passwords or payment info that is private, but my company-specific info that pertains to each member. This is information that my admins need access to, which they call functions to retrieve in my admin router pages. My question is, if a malicious user knew the name of my function calls, could they on, say, my home page, manipulate the JavaScript to perform this call and retrieve all that information?
I would recommend reading the article that I linked to. It addresses your concern:
*Backend code is not visible to site visitors. So it’s safe to use sensitive information there. However, keep in mind that even though malicious visitors can’t see what exported backend functions do, they can still see they exist, call them with any arguments they want, and examine their return values. Therefore, any exported backend code should contain some sort of validation mechanism before performing potentially harmful operations or returning sensitive information. Also, backend functions that are not called from public code should not be exported.*
Awesome, thanks for the support. I have now added permission checks on all admin backend functions and will add more checks to my other functions in the future. I am also using a router to prevent unauthorized page access. Thanks!
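The per-function check this thread settles on, as an added example that is not part of the original posts and is not Wix's own code: a wrapper that re-checks the caller's level from a custom roles table on every exported backend call, regardless of which page issued it. `ROLES`, `MEMBERS`, `requireLevel`, `getMemberRecord` and the `session` object are hypothetical names, and the in-memory maps stand in for the site's own members and access-role collections.

```javascript
// Constructed sample data standing in for the custom members and role collections.
const ROLES = new Map([['support', 1], ['admin', 5]]);   // role -> permission level
const MEMBERS = new Map([
  ['u-admin', { role: 'admin', company: 'Acme' }],
  ['u-basic', { role: 'support', company: 'Globex' }],
]);

class AccessDenied extends Error {}

// Resolve the level for an identity established by the backend session.
// Unknown callers and unknown roles fall through to level 0 (deny by default).
async function permissionLevel(callerId) {
  const member = MEMBERS.get(callerId);
  return member ? (ROLES.get(member.role) ?? 0) : 0;
}

// Wrap a backend handler so the permission check runs before every call.
// `session` (assumption) is whatever identity the platform gives backend code;
// it must never be taken from an argument the client controls.
function requireLevel(minLevel, handler) {
  return async (session, ...args) => {
    const level = await permissionLevel(session && session.userId);
    if (level < minLevel) throw new AccessDenied('forbidden');
    return handler(...args);
  };
}

// Hypothetical exported admin function. The router guarding the admin page does
// not protect it, because the function can be invoked from any page's client code.
const getMemberRecord = requireLevel(5, async (memberId) => {
  // Arguments are attacker-controlled too: validate the type before any lookup.
  if (typeof memberId !== 'string' || !MEMBERS.has(memberId)) return null;
  const { company } = MEMBERS.get(memberId);
  return { memberId, company };            // return only the fields admins need
});

// Helper for callers and tests: true only when the call is rejected as forbidden.
async function isDenied(session, memberId) {
  try { await getMemberRecord(session, memberId); return false; }
  catch (err) { return err instanceof AccessDenied; }
}
```

The router still decides whether the admin page renders; the wrapper is what stops a call made from an unprotected page.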