Password protected directory

I’m not sure if this is the correct place to ask this question. It’s partially related to OpenCart. I’m very new to this, so I apologize.

I have installed OpenCart 4.0.2.3 in a folder on my server. The reason why it’s in a folder is I only want people who login to have access to the shop and stay logged in while shopping. (This has nothing to do with them logging into OpenCart. I don’t want them to see any of the products before logging in, not just prices). In order to have a password on the directory, I’ve used the .htaccess .htpasswd method which works fine to login.

The problem is that once I type in username and password and it accepts, I’m taken to a blank page. Nothing shows up. When I remove the password, the shop is there in the folder no problem. Does anyone know what I could be doing wrong? I’ve noticed there are other things in the .htaccess file besides the password check code. Perhaps this is why?

I’m open to using another method to password secure the folder, if someone has seen or tried another way. Or is there a way to hide the shop, like a landing page prior to logging in? I appreciate any help.

The blank page could be the result of an error. Check your server/PHP errors logs (not the OpenCart one).

I'm on a hosted server, so I checked the logs I have access to but it doesn't give any error. When I remove the code from the .htaccess file, it works fine. I'm wondering if some of the stuff that's in the .htaccess file is not working with the new code I'm adding to login.

So, I added this to the file:

AuthType Basic
AuthName "restricted area"
AuthUserFile /path/to/the/directory/you/are/protecting/.htpasswd
require valid-user

And I changed the path of course. But when that wasn't working, it said to try adding this:

<Directory /path/to/the/directory/of/htaccess>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
</Directory>

and again, I changed the path. But then I noticed that perhaps that might interfere with other things that were in the file such as:

## Prevent Directory listing
Options -Indexes

## Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|\.twig|\.ini|\.log|(?<!robots)\.txt))">
Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>

Also, some of these things said to restart the server, but I don't have access to that. But because I'm new at this, I don't know if any of these things work against each other. If it had been a clean, new .htaccess file, I could understand it would be simpler, but because it already has things in it because of OpenCart, then maybe it's not so simple after all. Is there another way to keep people from seeing the products, not just the prices in OpenCart?

You cannot use the Directory directive in .htaccess. You would be best to ask you host how to set a password protected directory for your hosting and why it's not working. You may even be able to do it from your hosting control panel.

If you wanted to hide the products in OpenCart and not .htaccess, you would need to modify OpenCart. You may find some examples if you do a search or even an extension.

Someone suggested to add the following code to /store/catalog/controller/common/header.php at the top:

if (!$this->customer->isLogged() && !in_array($this->request->get['route'], ['account/login', 'account/register'])) {
$this->redirect($this->url->link('account/login', '', 'SSL'));
}

But it's not working, and I'm wondering if I'm putting it in the wrong place. I've put it at the very top, inside the Header class and at the very end and I keep getting these errors depending on where I put it in the code:

Warning: Undefined property: Opencart\System\Engine\Autoloader::$customer in testing2/catalog/controller/common/header.php on line 98Call to a member function isLogged() on null: in testing2/catalog/controller/common/header.php on line 98

syntax error, unexpected token "if", expecting "function" or "const": in testing2/catalog/controller/common/header.php on line 13

Where about in the file are you adding it? Just after "$data['analytics'] = [];"?

First I tried putting it before and after:
namespace Opencart\Catalog\Controller\Common;

Then I put it after:
class Header extends \Opencart\System\Engine\Controller {

I'm not a programmer and I don't understand what this code does, so I apologize. At this point I was just trying it out in different places. I did try to put it after:
$data['analytics'] = [];

and I got this error:
Warning: Undefined array key "route" in /homepages/17/d197139026/htdocs/testing2/catalog/controller/common/header.php on line 18Call to undefined method Opencart\Catalog\Controller\Common\Header::redirect(): in /homepages/17/d197139026/htdocs/testing2/catalog/controller/common/header.php on line 19

I suppose the question is, if that snippet of code does what I was hoping it would do, and then it would just be a matter of putting it in the right spot.

You code is slightly wrong. Try.

It works! Thank you so much! It works beautifully! One last question, though, is it possible to make it go to the front page when logging in rather than My Account? I don't know where to change that redirect.

That works! Thank you so much, I really appreciate it!