I’ve an app utilizing angular and when deployed to a server, everybody can ofc obtain the supply codes, obfuscated or not.
But, I wish to stop consumer that aren’t authenticated to see the supply code of the core utility. Since proper now, the login is made on the actual app, they’ve entry to every little thing.
I used to be planning on making a static web page that function a portal, the place consumer authenticate, and separated from the primary app.
After login, you’d obtain an e mail with an url (could be hosted on the identical server) and a token, that will deliver you to the primary app.
The server would confirm the token (is that this attainable with nginx?) BEFORE serving any file from the primary utility.
Then, when an consumer is linked, since he’s server the actual app, however he’s linked, I’d not care if he because the supply code entry.
Is that this secured sufficient? Is that this doable utilizing nginx?