保护对微光闪亮应用程序的访问 [英] Protecting access to glimmer shiny apps
问题描述
这是我上一个问题的后续问题:是否可以看到闪亮的微光应用程序的代码
This is a followup question my previous question: Is is possible to see the code for shiny glimmer apps
我想知道按照 here 的建议构建 DynamicUI 是否太简单了a> 由 R-Studio 提供,它基本上充当用户名和密码来保护对微光应用程序的访问?
I was wondering is it too simplistic to build a DynamicUI as suggested here by R-Studio, that basically acts as a username and password to protect access to a glimmer app?
我正在考虑在原则上使用如下简单的东西(显然添加了所有输入和输出等:
I was thinking of using something simple like the below in principal (obviously with all the inputs and outputs added etc:
if(username=="x" & password=="y") { run the shinny app } else { print("access denied")}
但想知道这是否太简单了,很容易被破坏.
but was wondering if this is too simplistic and is something that could easily be broken.
或者也许以某种方式只允许用户名和密码组合尝试三次......不知何故......不太确定会多么闪亮地识别出同一个用户已经回来了......
Or perhaps somehow only allowing for three tries for the username and password combo...somehow...not too sure how shiny is going to recognise the same user has come back though...
对此的想法将不胜感激.
Thoughts on this would be appreciated.
推荐答案
是的,原则上.代码的服务器部分由用户从 Web 表单输入的内容控制,因此如果这些表单组件之一是密码,则服务器代码可能会向用户发出警告.
Yes, in principle. The server part of the code is being controlled by user inputs from the web form, so if one of those form components is a password then the server code can scream at the user.
问题是每次都需要发送密码,所以要么用户每次都输入,要么表单必须记住它.由于您无法控制服务器,因此您无法使用与会话绑定的 cookie,这是管理安全会话的常用方式,但您可以将密码作为隐藏项放在任何形式的隐藏项中,一旦用户返回给用户'我第一次就填对了.
The problem is that the password needs to be sent every time, so either the user has to input it every time, or the form has to remember it. Since you don't have control over the server you can't use cookies tied to sessions which is the usual way security sessions are managed, but you could put the password as a hidden item in any forms rendered back to the user once they've filled it in correctly the first time.
但与大多数互联网安全问题一样,如果你不得不问,你不应该这样做.
But as with most internet security questions, if you have to ask, you shouldn't be doing it.
这篇关于保护对微光闪亮应用程序的访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
