rest-server icon indicating copy to clipboard operation
rest-server copied to clipboard
verified publisher icon restic

Digest HTTP authentication

Open dionorgua opened this issue 5 years ago • 2 comments

Output of rest-server --version

rest-server 0.9.7 (v0.9.8-25-g924f6c9) compiled with go1.14.2 on linux/amd64

What should rest-server do differently?

It'll be cool to support Digest or some other HTTP authentication scheme without transmitting plaintext login/password.

What are you trying to do? What is your use case?

I've just found that using TLS causes pretty observable overhead. Most of data is already encrypted except file paths and authentication credentials. So once non-plaintext authentication is implemented, it should be pretty safe to use it without TLS.

May be related: https://github.com/golang/go/issues/29409

Did rest-server help you today? Did it make you happy in any way?

Yes :)

dionorgua avatar May 15 '20 08:05 dionorgua

Might be more useful to have a reverse proxy handle this (and optionally TLS) rather than creating another aspect to maintain in rest-server (when reverse proxies already do it so well and simply)? Just a thought :)

stevesbrain avatar May 15 '20 13:05 stevesbrain

This is one possible solution. I also considered this. But in such case we need option to get authenticated username from proxy. At least for multi-repo layout.

dionorgua avatar May 15 '20 14:05 dionorgua