I'm trying to use a basic firebase app as a (secured) entrypoint to some web services hosted on a web server (using nginx).
The links to the webserver are simply hidden on the html (e.g. class='hiddenlink' id="lnk1"
) page until the user logs into firebase (then they are displayed).
Obviously this isn't very secure as it would be possible to view source to get the links. As an added layer of security I'm using http authentication on nginx
Is it possible to bypass the security for nginx if the user has successfully logged into firebase, i.e. only have to enter security details once?
Otherwise, I'm open to ideas on how to make this work as I'm aware this is a bit hacky!
I'm aiming for a structure like this...