socks5-server icon indicating copy to clipboard operation
socks5-server copied to clipboard

Published 20 hours ago verified publisher icon serjs

feat: multiple user/password authentication

Open alexng353 opened this issue 1 year ago • 3 comments

Allows user to provide multiple user/password objects as a JSON object via the PROXY_CREDENTIALS environment variable.

[
	{ "username": "username1", "password": "password123" },
	{ "username": "username2", "password": "password456" }
]

Recommended to squoosh your JSON so that it's easier to copy and paste into a command prompt. You can also provide a .env file via the --env-file flag which makes providing this JSON object a little easier.

I am unsure if this is the best way to pass credentials, but given the string-only limitations of environment variables, this is the best I could think of.

fixes: https://github.com/serjs/socks5-server/issues/4

alexng353 avatar Jan 13 '24 06:01 alexng353

Hi, @alexng353! Long living request 👍🏻 Thank for you contribution, lets talk about userlist fetaere before merge it. What about making yaml-based format and using ENV var for using userpass file or event config-file? Most moder schedullers can generate secretfiles or configs with generating secretfiles. We can do config file at all, with userlist section.

For scaling features scenario, in future, we can have one entrypoint file for different cases, I can contribute and finalize this idea.

serjs avatar Jan 21 '24 11:01 serjs

What about making yaml-based format and using ENV var for using userpass file or event config-file?

If you would like to keep this project working without a database, the best way is probably to use a config file. Personally, if you were to do a config file for this project, I would prefer to have as many possible formats supported as possible, TOML, YAML, JSON, Apple PKL, etc all supported and parsing into one struct at start time. I'm not sure what an event config file or userpass file means, but if you can give me more context, I'll gladly contribute more to this project.

Considering how this project is primarily docker-based, I would think that continuing to support passing a multi-user configuration through an environment variable is likely a good idea. I wanted to ask you if it would be a good idea to allow passing username-password combinations as follows:

CREDENTIALS=username:password;username2:password2

And then manually parsing the string. I opted to use JSON since I wanted to support as wide a range of characters as possible.

Sidenote: Don't mind the unverified commits; I can re-sign them if you want. I accidentally lost my old GPG RSA keys when my computer died a few weeks ago.

Edit1: What are schedullers, secretfiles or configs with generating secretfiles ? I've never worked with those things before, so please pardon my ignorance about the matter.

alexng353 avatar Feb 25 '24 10:02 alexng353

Yea, i think CREDENTIALS=username:password;username2:password2 env var is good balanced option, still not optimized for users with large users datasets (untill they create side-generator for env var), but i liked it. Do you need help to rewrite multi-user feature for suggested one or you can create changes in this PR to complete feature?

serjs avatar Feb 26 '24 04:02 serjs