- SAP Managed Tags
Overview
In B2B settings, Early Login is a widely adopted feature that requires users to log in before gaining access to the website. This article will explore two popular methods to activate Early Login and explain internal implementation mechanism behind each method. Additionally, we will discuss how to bypass this feature, allowing users to access specific pages without logging in.
Two Ways to Enable Early Login
Enable Early Login in Composable Storefront
You can directly enable Early Login in Composable Storefront by providing the following configuration in spartacus-configuration.module.ts:
ConfigModule.withConfig({
routing: {
protected: true,
}
})
This configuration mandates that users must be logged in to access any route controlled by the CMS.
Please note, The only exceptions to this rule are certain routes labeled as public in the default-routing-config.ts file, including:
- login
- register
- forgot password
- reset password
Enable Early Login in Sap Commerce Cloud
You can also enable Early Login by setting "Requires Authentication" option to true for specific B2B website (such as Spartacus powertools Site) in Backoffice:
In this way, Users still need to login before they can access other B2B pages.
Internal Implementation Mechanisms
Enabling Early Login in Composable Storefront leverages the Angular Route's CanActivate mechanism. This feature allows any guard implementing the CanActivate interface to determine whether the current route should proceed, be canceled, or rerouted.
In the current implementation, every CMS-driven page is protected by a specific guard. If a route requires protection and the current user is not logged in, the guard will redirect them to the login page, as illustrated in the following diagram:
On the other hand, the implementation of Early Login in SAP Commerce Cloud leverages the Spring MVC HandlerInterceptor interface, which intercepts requests to apply custom processing before or after they are managed by OCC controllers. Specifically, one HandlerInterceptor implementation class will redirects users to the login page if the B2B website mandates authentication and the current user is not logged in.
Bypassing Early Login for Specific Route
When Early Login is enabled, individual routes can still be made public by explicitly setting protected: false in the specific route's configuration, for example:
ConfigModule.withConfig({
routing: {
protected: true,
routes: {
homepage: {
paths: [''],
protected: false // make the homepage route public
},
contact: {
paths: ['contact'],
protected: false // make the contact route public
}
}
}
}),
Apparently, both Homepage and contact us page can still be visited even though users are not logged in.
Summary
There are two methods to activate Early Login for the SAP Commerce Cloud B2B solution; however, I highly recommend enabling it through the Composable Storefront. This approach will alleviate the load on the SAP Commerce Server side and it's more flexible.
Moreover, in scenarios where only a small number of pages require protection prior to user login, Early Login may not be the most appropriate solution. Instead, utilizing CMS guarded components would be a more effective and suitable option in such cases.
| User | Count |
|---|---|
| 8 | |
| 2 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 | |
| 1 |
