Hi, I know the title sounds like a contradiction. Here is the situation.
In my app I have successfully, behind the login wall, created some survey type pages, which work well, reading questions from a DB table and saving answers back to a differnt DB table. Very simple and secured with Wappler’s security features.
Now the client has requested a public facing survey. I have disabled the security on the page itself, and have disabled the security restricts on the Server Side APIs, just to get it to work.
Of course, I want to re-enable all the security restricts.
So my question is, in a public facing page, how can I read the questions from a secured DB and save the answers back to the secured DB? I have thought of having a separate unsecure DB and separate non-restricted APIs, or a JSON or CSV interface. But I am hoping that before I do anything complicated like that, there is a better answer (I really hope).
I know this will sound like a crazy idea, is there a way to silently log a public user in with a set username/password (say Application/CrazyPassword) and auto direct them to the ‘public’ facing page?
I’ve done this… but I’m away for the weekend and only have my phone so please message me early next week and I’ll reply with the details of how I have implemented it!
If the questions will be available publicly then why would you need the API to be secure? You can just create an API action file with a query in it but don’t add the security restrict. Saving the answers back can also be done in the same way.
If I’ve misunderstood then I’ll step back and leave @Antony to give you his solution.
Sidestreet, that is a good question. The questions are not sensitive, but the answers are. The survey is actually an application page for disabled persons to request services. Very private data. The page is made available to the public via my client’s web portal. Each application is indexed by an randomised access code that only the client’s applicant knows, therefore any applicant can only access their own data, no one elses.
Yes, basically that is how I do it. The random code is used for a lookup in the database before you’ve done a security provider. The data returned from that can then be used to pass the security checks specific to the app’s client so that questions are asked from and responses saved to that app client’s (or app client’s contact’s) part of the database.
So the app client’s contact accesses the page with a query param unique to them, which is stored in their contact record.
So the questionnaire can be open to anyone but the answers are added to the database without any output so that doesn’t need to be secure either. So long as https is used, the answers can be inserted into the table without any need for security but if you want to stop spam, just use a random code as confirmed by @Antony.
Hi, I take your points, I have cheated slightly, I created a silent auto login which works, and therefore the application page is able to use security restrict APIs. However this strategy leaves 2 vulnerabilities as far as I can think out.
Spammers will be granted an silent auto logon, I will solve that with a captcha
Once someone is in they may be able to guess thier way to other pages in the app. I will put a trap for that in the App,Load of each other page that will redirect Public logins to my Logon.php.
Are there any other vulnerabilities i may have created?
I’m still confused as to why it needs to use security restrict at all. An empty form which has a captcha on it should be enough. Or go with the random code so you can issue it to someone who needs to complete the form.
Ok, maybe I am revealing my embryo status at wappler and web logic in general.
I have created such a page as you are thinking of, the Inquiry page where the questions are hard coded onto the page, and answers saved via email (but could have been to DB). There are no security concerns for data on the Inquiry page. It uses recatcha to stop spamming.
This Application page does have security concerns for the answers. And the questions are configurable by my client. Therefore questions and answers must go to/from the DB via APIs.
I believe I have to use wappler’s security features on all APIs to guarentee (as much as possible) security of data. Am I wrong?
I do not initially issue a random code to the applicant, so I skip that step that Sidestreet is talking about. The applicant fills in the form without needing to come to grips with a random code. I only issue the random code if the applicant does not complete the Application and needs to come back to it at a later time.
I think the main concept you need to be clear on is the initial submitting of the answers by the visitor. There is no security needed here as the visitor is not retrieving any data. They are opening a blank form and the only data involved is what they are typing in. So that page, and the API which processes the submission, doesn’t need security assist.
On the other hand, any page which retrieves those answers (maybe an admin area where staff access that info) most definitely does need to be secure.
So the API server actions for the submitting of answers (the questionnaire) doesn’t need security assist. It inserts the data into the database but doesn’t output anything or retrieve anything.
Then a separate API server action is used by staff to retrieve the data and that does have security assist.