问题
I would like to give access to files in a folder to users that login to a web app that I made.
The users login by entering an ID and a password that is checked against a database that is accessible using an API.
Once they are authenticated they can use the web app but I would also like to give them access to files in a folder on the web server. The web server is running Apache and is separate from the API server.
I would rather not build a server side password authentication app but instead give access to files on the web server using .htaccess and .htpasswd.
Using .htpasswd access is appealing because it avoids the need to write Apache server side authentication code in PHP or whatever. I'd also like to not have to maintain an additional list of users and their passwords in the .htpasswd file.
Instead I'd have one user id/password in the .htpasswd file that would be secret, i.e. unknown to users of the site. If a user successfully authenticates through the database API I'd unlock the folder by passing that one .htpasswd ID and password to the Apache server.
How I see this working is similar to what is described in this link. Except that instead of receiving JSON I want to make the content of a folder available to the user. From the user's point of view they would see a list of all the files as URLs on my App's page.
来源:https://stackoverflow.com/questions/65225037/how-can-client-side-javascript-send-a-user-id-password-to-an-apache-server-so-th