Password option for webapp

Discuss

Hi! I use yunohost because i clearly don’t want to navigate config files etc. Do you think it would be possible to have in the my_webapp panel to have an optional password? In this ai scrapers era the best thing to do is to hide and I like the concept of hosting but giving a pass only to the people I like without them making an account.

To be fair, i would also like to be able to set it for every app but maybe this is hard.

Another hard thing, related to this, would be to have more than one pass, just to give different people different tokens and being able to expire them and so on.

But again, these are hard so I would be happy even just with a single password that i can setup in the admin panel to be able to host a static site and password gate it with a veeeery long string

This can be achieved manually if you wish to tweak the configuration yourself by following Restricting Access with HTTP Basic Authentication | NGINX Documentation (the nginx config file to modify is /etc/nginx/conf.d/my.domain.tld.d/my_webapp.conf)

As for general use solution - I would recommend opening an issue in package repo (there actually is one related already Unable to use HTTP Basic Authentication with nginx · Issue #139 · YunoHost-Apps/my_webapp_ynh · GitHub)

1 Like

This looks like a thing that should be handled by the app you installed itself, create users with their own passwords

1 Like

tbf i meant only basic viewing option, not collaboration and granular permissions and so on

just to say ‘‘bots won’t scrape, only person i choose can view my stuff’’

You can always revoke visitors access I guess?

that means making account for every person i want to show it to, it’s a lot more work and probably enlarging attack surface because it would mean making account for people that may read once and never more in their life

with a single password seems just better and it works easier with rss too i think (imagine me hosting a single rss file on the webapp and nothing else and password gate it so only people that ask me to follow can access it :o )

i hope i don’t pass combative, it’s obviously not a top priority but i felt like maybe was easy for you to add but idk much about nginx, otherwise i would not be using yuno :smiley: