mister.koz's sandbox: httplock

This is a development project, and is not meant to be activated on a live production environment.

HttpLock is a small module that was created with the idea that .htpasswd documents are a well-needed but annoying function. Generally when we have a staging site or a pre-live prod site, we want the client/developers to be able to see, use and test a site without it being open to the internet and search engines. This usually involves creating an htaccess and htpassword document and an extra username/password pair for users to remember. This can be difficult when using integrated deployment across multiple environments that have different hosting structures.

Its very simple, when activated users are faced with an HTTP 401/403 authentication request before seeing anything, the credentials that the user has submitted are tested against the drupal users table.

All configuration options are configurable using drush.

Configurable options

• Realm name - the http message realm name
• Selected roles - users in roles that are not specified here will not be able to authenticate - note administrator cannot be disabled
• Whitelist IP's - while list IP's so viewers can only see the site from specific locations
• Auto auth IP's - Viewers on IP's that are in this list (and the white list) do not get asked for a login
• Disable IP options - Stops the Whitelist and Auto-auth detection
• Denied response type - allows you to select whether to show simple html/text or a node for denied auth attempts
• Denied message text - the page contents that is presented on a failed login attempt
• Denied Node ID - the node that you wish to show for failed login attempts