schollz
Add secure authentication for users
Do you have any plans regarding authentication? I plan to use the GPS feature of the app to keep track of my phone when it's outside my home. But for that I will have to expose the server to the internet and right now everybody could create new families etc.
I would like to have an account with user/password (maybe even certificate) required in order to connect to the server and would prefer not to use my proxy server for that. What are your thoughts on that?
@eifinger Not really. The main use-case here is for LAN homes so that should be pretty good protection.
Its not too hard to add authentication though, but it needs to be added across the ecosystem (in the app, the cli tool and the server). I have an idea of how to do this, but its not really a priority for me personally. If you'd like though, I'd be happy to help guide you how to do it.
My first idea was something like https://stackoverflow.com/questions/5011102/apache-reverse-proxy-with-basic-authentication?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa. What would you suggest?
I think something like that would work. In fact you can do it very easily with something like Caddy (basicauth / user pw).
If you do that, then I believe all you need to do is add credentials to your endpoints - https://user:[email protected]/api/....
I haven't tried this yet, so I think their may be an issue. But let me know and I should be able to fix it.
Tested, it's not working (with android client, the web ui works of course). Done it with nginx, and it's sending back 401.
