The goal of this project is to make the frontend login and content security usable for integrators and editors.
Currently it’s some effort to make this work nicely and is a common requirement in many projects.
The epic for this project is https://jira.neos.io/browse/NEOS-1567
- Make it possible to highlight protected pages/content in tree or in the page (this will need some discussions what can be done)
- Give editors better feedback if an action is not permitted by showing a helpful message
- Disable backend actions which are not permitted by a users role
- Finish nodeProperty and parentNodeProperty conditions in NEOS-1458
- Redirect after login/logout configurable
- Hints on how to start with password reset in documentation (hard to implement in a generic way)
- Implement example group visibility mixins
- Improve documentation with examples
- Tackle issues with csrf tokens and multiple login forms on the same page (First form always takes the token and the second one can’t access it, so just ignore token in index action)
- Use resulting new features