mainsail icon indicating copy to clipboard operation
mainsail copied to clipboard

Published 20 hours ago verified publisher icon mainsail-crew

[FR] User authentication

Open 3dhobbies opened this issue 3 years ago • 15 comments

Is your feature request related to a problem? Please describe. Not a bug or so, basically a security concern when logging in from external domain (internet). i have done a port forward to my specific printer, and cannot find a way to force the mainsailos to ask for login credentials.

Describe the solution you'd like A basic secure login screen. forcing a user to log into the mainsailos when logging on.

Describe alternatives you've considered Cannot find any other way of securing the mainsailos install on my pi

Additional context Add any other context or screenshots about the feature request here.

3dhobbies avatar Apr 21 '21 11:04 3dhobbies

please do not use port forwarding on your printer! no matter if mainsail, octoprint or anything else is running on the printer! none of these systems were ever built for such a use. please use a secure vpn connection to your network.

apparently, some kind of login has now been integrated into moonraker, so i can also integrate it into mainsail, but it is still not a solution to access the printer via the internet.

meteyou avatar Apr 22 '21 11:04 meteyou

Thank you kindly Stefan.

I am already using a secure VPN to my workshop. The added login would be to keep nosy employees at bay 😃

Sent from Samsung / Android

Willie Le Maitre IT DirectorThe Nerd Zone (Pty) Ltd P: (010)8805851M: 0820430170A: 117A Ouklip Rd, Wilropark, 1724 W: https://nerdzone.co.za E: @.***  Please do not print this email unless it is necessary. Every unprinted email helps the environment.

On Thu, 22 Apr 2021, 13:13 Stefan Dej, @.***> wrote:

please do not use port forwarding on your printer! no matter if mainsail, octoprint or anything else is running on the printer! none of these systems were ever built for such a use. please use a secure vpn connection to your network.

apparently, some kind of login has now been integrated into moonraker, so i can also integrate it into mainsail, but it is still not a solution to access the printer via the internet.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/meteyou/mainsail/issues/267#issuecomment-824749512, or unsubscribe https://github.com/notifications/unsubscribe-auth/AODGF3UHPBMXN5BBDOPFX33TKAAF5ANCNFSM43KFJIKQ .

3dhobbies avatar Apr 22 '21 13:04 3dhobbies

I love to see support for the moonraker authentication functionality as well, hope it gets implemented soon! Just switched from fluidd to mainsail, but the authentication is the only thing that I find really missing.

Thanks a lot!!

JellevanKraaij avatar Nov 19 '21 14:11 JellevanKraaij

Does it make sense to reinvent the wheel instead of using something like basic auth in nginx? OP is saying that he could not find any other way, but this seems to fit the bill perfectly, since kiauh already sets nginx up and all :)

kubik369 avatar Jan 26 '22 09:01 kubik369

moonraker authentication does have certain advantages. furthermore, it is also nicer integrated in the gui.

meteyou avatar Jan 26 '22 12:01 meteyou

Switched from Fluidd to Mainsail and this is about the only thing I'm greatly missing. Definitely a nice to have!

dohlin avatar Feb 23 '22 04:02 dohlin

Is it possible to use basic auth in nginx? I've tried it, but after I provide credentials and Mainsail loads, it can't connect to Moonraker.

tfjield avatar Jul 17 '22 04:07 tfjield

Currently using Fluidd in combo with moonraker and in this network any network listener without a form of authentication is not an option. Therefore support for the moonraker auth is a much wanted request here.

rroethof avatar Sep 09 '22 20:09 rroethof

@meteyou hi! How can I help adding this feature?

MabaKalox avatar Apr 22 '23 01:04 MabaKalox

@MabaKalox hey! It would be very nice if you had time to finish the implementation! I started the implementation months ago here: https://github.com/mainsail-crew/mainsail/pull/370, but i haven't time to finish it.

The PR draft is very, very, very old. Starting with a new fork is more uncomplicated than updating my old branch.

meteyou avatar Apr 22 '23 09:04 meteyou

ahh sry. this was my implementation: https://github.com/meteyou/mainsail-dev/tree/feature/authorization

the PR above was from another guy.

meteyou avatar Apr 22 '23 15:04 meteyou

@meteyou Thank you, I will take a look.

MabaKalox avatar Apr 23 '23 10:04 MabaKalox

Hi. what's the status of the authentification implementation?

Robnex avatar Aug 27 '23 10:08 Robnex

Hi. what's the status of the authentification implementation?

its open on the roadmap. i currently run mainsail behind nginx proxy with a access list to authenticate while having public access. if you need authentication this is the way to go (for now).

midikeyboard avatar Aug 29 '23 08:08 midikeyboard

@midikeyboard even if the authentication of Moonraker is integrated, this feature is NOT made for public access!!!

meteyou avatar Aug 29 '23 09:08 meteyou