Wized authentication and Memberstack check the user in the front-end while Webflow membership checks it in the back-end, what does it mean?
Wized Auth
With Wized auth we can HIDE the elements in the browser but we can't REMOVE them if they are already there because they are already there when the page is sent to the browser.
While if the API is protected and the user is not logged in we can't recover anything, in that case it's 100% safe but we have to protect our API backend side.
This is because Wized helps us pass the token that the server gives us when we authenticate — if the token is valid the API will return the value.
Memberstack
It is similar to Wized because it also works on the front-end side. The founders themselves acknowledge that they cannot block the data from the "source" (backend) but only when they arrive at the recipient (the browser in our case).
The only way to protect them 100% is by saving the data in Memberstack.
The advantage of Memberstack are the many ready-made integrations, such as templates to be used in the most famous tools and the integration with the main providers such as Google login, Twitter, Apple etc.
Webflow Membership
Webflow Membership unlike all other solutions is the only 100% secure because the control is done directly in the backend and therefore if the user does not have privileges the call will not be successful and the page will not reach the browser.
Conclusions
As we have seen, to protect confidential information 100% you must have control over the backend and block unauthorized calls from there, before they reach the browser.
For this reason, the only way we have to date to 100% protect a Webflow project are two:
- Use Webflow Membership for authentication and then Wized or any other JavaScript library or frontend to make secure server calls — that way we have the best of both worlds
- Host the pages generated by Webflow on your own server where you can control and block unauthorized calls