How to show a login-form on restricted pages (frontend-login)?


(Jens Schütt) #1

Hey guys,
When defining an restricted area like here: https://github.com/Flowpack/Flowpack.Neos.FrontendLogin#protected-member-area I’d expect to get a 401 error if the user has not a defined Role. Currently I get a 404 - is it a bug or feature? If I’d get a 401, I simply could show a login page. Or is there any aspect I’m not aware about?

Currently I solve this issue with Fusion and check whether the frontend-user-role isset or not. So the content or a login-form is shown on my page. But I think it is not the best solution.


(Soren Malling) #2

To answer one question: The reason for 404 and not 401 in Neos CMS is to avoid telling a visitor “Oh yes, this stuf is hidden for you but other can see it” and just tell the client generally “there is no content/resource available at this uri”. So it’s not a bug but how the content delivering is managed when it comes to restricted content.