Secure Zones Liquid Reference

Liquid snippets allowing you to access data from the Secure Zones Module.

Written By Luke Wakefield

Last updated About 2 hours ago

See Introduction to Liquid to learn more about the Liquid language.

About

We provide the Liquid for Sign Up, Login and Password Reset Forms and for checking if the current User is signed in

Introduction

In this Article we'll provide the Liquid which can be used to manage access to Secure Zones. It can be used across most Liquid Files (excluding emails).

Syntax

Log In

Example
{%- include 'login_form', layout: 'default', redirect: '/' -%}

Log In / Sign Up

Example
{%- include 'form', id: '1', layout: 'default' -%}

This is the same syntax for inserting a custom Form, where the id parameter should be the id of your Form. See the section Creating a Sign Up Form to learn more.

Once you have created a Form, you can select the Form from Toolbox and it will dynamically fill in the ID for you.

Log Out

Example
{%- include 'logout_button', layout: 'default' -%}

Recover Password Flow

Recover Password Form

The recover password form is the first step in recover password flow. Users should be presented with this form as they first realise they've forgotten their password. Completing the form sends an email to the provided address containing next steps.

By default, a system page will already be created on your site at /system/recover-password, which can be found in Admin under Site Manager/System Pages . You can edit that page, or add the form to a new page with the tag:

Example
{% include 'recover_password',
	buttonText: 'Submit',
	redirect: '/'
-%}

Password Reset Email

You can find and edit the Password Reset email in the Siteglide Admin under Site Manager/System Emails

It must contain a link to the dynamically generated URL: {{context.exports.reset_password.data.reset_password_url}}.

This will be the system page /system/reset-password with a dynamically generated token attached as a parameter.

Reset Password Form

This is the last step in the recover password flow where the user has already clicked the link in the email. If the token in the link is correct, they will be able to complete the form and their password will be changed.

This form should normally be outputted on the /system/reset-password System Page, as this is where the dynamic link from the email will point. You can optionally redirect users back to the page where they can sign in with their new password.

Example
{% include 'reset_password'
	failContent: 'The provided token is no longer valid. Please request password instructions again.',
	buttonText: 'Submit',
	redirect: '/'
-%}

Liquid Tags

These Liquid tags can be outputted in most contexts to get you quick information about a logged in user. They are not currently supported inside emails.

Field Name	Liquid Tag	Description
is_logged_in	{{context.exports.is_logged_in.data}}	true/false (boolean), the value is not stored as a string. Used to determine if the user is logged in or logged out.
Current User First Name	{{context.current_user.first_name}}	Outputs First Name of User currently signed in
Current User Last Name	{{context.current_user.last_name}}	Outputs Last Name of User currently signed in
Current User Email	{{context.current_user.email}}	Outputs Email Address of User currently signed in

Attaching a Secure Zone to a Page via CLI

The standard way to set Secure Zones to a page (and hide the contents of the page if the user does not belong to that Secure Zone) is to use the Siteglide Admin.

Doing so will actually add hidden yml properties and Liquid to the page. Here is how to do the same from the CLI. It also allows you to modify how it works to suit your purposes.

Add a metadata property to the page yml for secure_zones - note this actually tells CLI to display the current values of the Secure Zone settings when the page is viewed and modified in Admin. It is not, in itself, functional on the front-end:

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
  secure_zones: '150,413'
---
{% include 'modules/siteglide_system/constants' -%}
<!-- Page content here -->

The value of the metadata property should be a string, with IDs of specific secure zones separated by commas.

Be mindful of IDs: When carrying out a site-copy or go-live process, IDs will be preserved, so the new site will have Secure Zones copied which match the IDs in your code. However, if you deploy code from one site to another, you will need to adjust IDs to match Secure Zones on the new site.

Add an include which will lookup the Secure Zones inside the page

Example
--- 
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
  secure_zones: '150,413'
---
{% include 'modules/siteglide_system/constants' -%}
{% include 'secure_zones', secure_zones_string: '150,413' -%}
<!-- Page content here -->

Add logic to either hide the contents of the page, or display a 401.

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
  secure_zones: '150,413'
---
{% include 'modules/siteglide_system/constants' -%}
{% include 'secure_zones', secure_zones_string: '150,413' -%}
{% if context.exports.access_allowed.value == true -%}
  <!-- Page content here -->
{% else -%}
	{% include '401' -%}
{% endif -%}

Note, this Liquid is special, because it will be hidden from the Liquid in the page when you modify the page with Admin.

Handling a mix of Secure and Public Content with Liquid

Using Logic

We can follow the same steps as above, but since we don’t wish to hide the entire page, only a single section, we can skip step 1. We won’t attach the Secure Zone to the whole page.

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
---

Starting from step 2), we can use the Liquid include to look up a set of Secure Zones.

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
---
{% include 'modules/siteglide_system/constants' -%}
{% include 'secure_zones', secure_zones_string: '150,413' -%}

Then following step 3), we can add logic around only a single section:

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
---
{% include 'modules/siteglide_system/constants' -%}
<main>
  {% include 'secure_zones', secure_zones_string: '150,413' -%}
  {% if context.exports.access_allowed.value == true -%}
    <!-- Private content here -->
  {% else -%}
	{% include '401' -%}
  {% endif -%}
  <!-- Public section here -->
</main>

Handling multiple rules in a single Page

You could do this multiple times in the page to handle multiple types of secure zone:

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
---
{% include 'modules/siteglide_system/constants' -%}
<main>
  {% include 'secure_zones', secure_zones_string: '150' -%}
  {% if context.exports.access_allowed.value == true -%}
    <!-- My Account SZ content here -->
  {% else -%}
	{% include '401' -%}
  {% endif -%}
  {% include 'secure_zones', secure_zones_string: '413' -%}
  {% if context.exports.access_allowed.value == true -%}
    <!-- Admin SZ content here -->
  {% else -%}
	{% include '401' -%}
  {% endif -%}
  <!-- Public section here -->
</main>

{% include '401' -%} Is used to display the 401 system partial. When system pages are updated in Admin, both the system page and partial are updated together. When updating in CLI, you need to remember to update both.

Using {% include 'secure_zones', secure_zones_string: '413' -%} may be a little inefficient if you end up looking up secure zones multiple times in the same page. Another way to handle it is to look directly at the current user’s properties:

Directly check the User’s Secure Zones with Logic

Firstly, make sure your page has the constants include at the top
constants:
Access the current user’s secure zones:

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
---
{% include 'modules/siteglide_system/constants' -%}
{% assign szs = context.exports.current_user.properties.secure_zones %}

Add logic firstly to check if the user is logged in?

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
---
{% include 'modules/siteglide_system/constants' -%}
{% assign szs = context.exports.current_user.properties.secure_zones %}
{% if context.exports.current_user.id == blank %}
  Please log in first
  {% return %}
{% endif %}

Next, add logic to check the secure zones and show content:

Example
---
layout: templates/1
metadata:
  name: My Account
  enabled: true
  file_type: page
---
{% include 'modules/siteglide_system/constants' -%}
{% assign szs = context.exports.current_user.properties.secure_zones %}
{% if context.exports.current_user.id == blank %}
  Please log in first
  {% return %}
{% endif %}
{% if szs contains "150" -%}
  <!-- My Account SZ content here -->
{% else -%}
  {% include '401' -%}
{% endif -%}
{% if szs contains "413" -%}
  <!-- Admin SZ content here -->
{% else -%}
  {% include '401' -%}
{% endif -%}

Note the context.exports.current_user.properties.secure_zones is an array, not a string like we were passing in in the previous steps; this means we can safely use contains in the logic.