FR: Collab with the Docs team to add a full "layer" of authentication around a site (or specified routes) #1619
Description
For a lot of the sites I've created, and will be building, they've never been 100% open to the public, and they never will be.
Some are for prototype work that are eventually thrown away, some are limited functionality sites that are used infrequently, for an indeterminate amount of time, by a limited amount of people. And I do think I'm not alone in that behaviour.
I've currently got a kinda complicated site up and running, which has had to set up google login, store user data, and have frontend authentication that's flimsy, and complicated backend authorisation, that's more than difficult to debug, and just... overkill for my needs.
And that's when I was thinking about the title.
If I create my brand new seaders-great-idea.firebaseapp.com site, what I'd love to do is, in the firebase console, in Authentication, turn on a "Site Authorisation" feature that has an option to control access like you can with a doc on docs.google.com. If I turn that on, the default would be to lock everything from the root of the site on, so if you try to access it, at all, you get the google sign-in screen, and if you sign in, and don't have access, you have the default "Ask for access" to the site.
If you wanted to go further, you could specify access per route. So you might allow access to /, but if someone tries to get to /results, that's the area of the sit that's locked down.
If I were able to have that, I would no longer have to log anyone in, I would no longer have to store anyone's user data (which I don't really want to have to do, already), I would just have to specify a few peoples names, in a well recognised piece of UI, just like Google Docs.