Access Control

The access control system restricts storefront access to approved B2B customers. It uses IP-based tracking with an admin approval workflow.

Customer visits storefront
        │
        ▼
Gatekeeper checks IP
        │
        ├── Approved ──► Full storefront access
        ├── Pending  ──► "Your request is being reviewed" message
        ├── Rejected ──► "Access denied" message
        └── None     ──► Show access request form

Set NEXT_PUBLIC_GATEKEEPER_ENABLED=true in the storefront environment to enable the gatekeeper.

When disabled, all visitors have full access.

These paths are always accessible, even when the gatekeeper is enabled:

  • /toegang — Access request page
  • /privacy — Privacy policy
  • /terms — Terms of service
  • /contact — Contact form

GET /store/access-check

Returns the current IP’s access status:

{
  "has_access": true,
  "status": "approved",
  "message": "Access granted"
}

IP detection checks these sources in order:

  1. x-forwarded-for
  2. x-real-ip
  3. socket.remoteAddress
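
The lookup order above, as an added example that is not the project's code: it keeps the same order but reads `x-forwarded-for` and `x-real-ip` only when the socket peer is a known reverse proxy, because a client that connects directly can set both headers to any value. `TRUSTED_PROXIES`, `resolveClientIp` and the sample addresses are assumptions.

```javascript
// Added example, not the project's code. TRUSTED_PROXIES and resolveClientIp are hypothetical.
// Constructed sample: reverse proxies allowed to set forwarding headers.
const TRUSTED_PROXIES = new Set(["10.0.0.5", "10.0.0.6"]);

const OCTET = "(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)";
const IPV4 = new RegExp(`^${OCTET}(\\.${OCTET}){3}$`);
const IPV6 = /^(?=.*:)[0-9a-f:]{2,39}$/i; // coarse shape check; Node's net.isIP is stricter

// Return a cleaned address string, or null if the value is not an IP address.
function normalize(value) {
  if (typeof value !== "string") return null;
  let ip = value.trim();
  if (ip.startsWith("::ffff:")) ip = ip.slice(7); // IPv4-mapped IPv6 from Node sockets
  return IPV4.test(ip) || IPV6.test(ip) ? ip : null;
}

function resolveClientIp(req, trusted = TRUSTED_PROXIES) {
  const peer = normalize(req.socket.remoteAddress);
  // Peer is not one of our proxies: any forwarding header came from the client, so ignore it.
  if (peer === null || !trusted.has(peer)) return peer;

  const xff = req.headers["x-forwarded-for"];
  if (xff) {
    const hops = String(xff).split(",").map(normalize);
    // Proxies append on the right, so walk right to left and stop at the first hop that is not ours.
    for (let i = hops.length - 1; i >= 0; i--) {
      if (hops[i] === null) return null; // malformed entry: fail closed
      if (!trusted.has(hops[i])) return hops[i];
    }
  }
  return normalize(req.headers["x-real-ip"]) ?? peer;
}
```

A `null` result means the address could not be determined; the caller should treat it the same as an IP with no approval.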

POST /store/access-request

{
  "name": "John Doe",
  "email": "john@company.nl",
  "company": "Company B.V.",
  "message": "Would like access for B2B ordering"
}

GET /admin/aplt/access-requests        # List pending requests
PUT /admin/aplt/access-requests/[id]   # Approve or reject

aplt_access_requests

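| Column      | Type      | Purpose                     |
|-------------|-----------|-----------------------------|
| id          | int       | Primary key                 |
| ip_address  | varchar   | Requesting IP               |
| email       | varchar   | Requester email             |
| company     | varchar   | Company name                |
| message     | text      | Request message             |
| status      | varchar   | pending, approved, rejected |
| approved_by | varchar   | Admin who approved          |
| approved_at | timestamp | When approved               |
| created_at  | timestamp | Request date                |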

Access requests are managed at Admin Panel → ADVANCED → Access Requests (/admin/22-access-requests).