I am developing a simple product catalogue in nodejs. Nothing spectacular, basically a standard express site with some forms for crud operations of the products. Now those forms should only be visible to the admin so just one single account.
I have used passportJS so far but the way it would be now is:
- Create the registration form
- Have the registered user (the admin) have access to everything
- Delete the registration functionality and form from the site
Thats not how this is supposed to work is it? ;) I just need a single admin user to access the forms. nothing else.
How can I add that user while still being secure? I was thinking to use authentication and login form setup with PassportJS and inject the user directly via the Mongoshell. I am just honestly to inexperienced to know if that is the totally wrong/insecure approach or not.
Any pointers would be highly appreciated since every single tutorial I have come across so far "only" shows how to create the whole register/login system.