safenotes icon indicating copy to clipboard operation
safenotes copied to clipboard
verified publisher icon koderhut

Authentication on note creation

Open Baptiste-Leterrier opened this issue 4 years ago • 1 comments

Is your feature request related to a problem? Please describe. If I host this solution, anyone can make safenotes. A restriction on who can make notes could be great.

Describe the solution you'd like

A toggleable authentication on the creation of a note. Note necessarily a login password. More like an authbasic, so only a set of person can create notes, where anyone can get a note wihtout authenticating (but still by using the note password)

Describe alternatives you've considered Maybe a simple auth basic on a reverse proxy could do the trick.

Baptiste-Leterrier avatar Feb 02 '21 09:02 Baptiste-Leterrier

Currently managed using a reverse proxy (here nginx) and auth-basic just "whitelist" these locations

location /app/view-note {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

location /app/modules {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

location /app/static {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

location /app/env.js {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

location /api/notes {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

and put auth basic on /

location  / {
        auth_basic "SafeNotes";
        auth_basic_user_file /etc/secure/.htpasswd;

        proxy_pass XXX;
}

Can also be included in a file for simpler modifications.

Baptiste-Leterrier avatar Feb 04 '21 17:02 Baptiste-Leterrier