The information stored on the page is in a JSON string, which is then encoded with Base64. So I set up my app to login, download the information, decode it, parse the JSON, and finally store the info locally using the Adobe encrypted local store. Almost all of that is done in that one ajax call.
Take a look at the source code below. It’s actually written in CoffeeScript, since thats just how I roll. If you are unfamiliar with CoffeeScript, take the few minutes to learn it.
Even if you aren’t using Adobe Air, this is a valuable little snippet. Change the last three lines to do something else with your newly found secret info. Not using Squarespace? Well, that will take a bit more work to get the URL and parameters just right.
The benefit of this is that I don’t have to do much to manage who has rights to the app, I just have to manage who has rights to the page on Squarespace. Also, I stored a hash of the users password in the local store, so on the app’s startup, I just compare the hash of the password the user enters to the stored hash to verify the user is valid and has access to the info.
I am sure there is a hole in here somewhere, but I think it is good enough for my purposes.