[Simple Torrent] Access API from outside?

, ,

:uk:/:us:

My YunoHost server

Hardware: Raspberry Pi at home
YunoHost version: 4.1.6
I have access to my server : Through SSH & through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Hi all,
First let me thank you again for this great service you are putting out, I’m using YNH for about a year now and am really pleased!

Issue

I’ve installed Simple Torrent, which is overall a very good application, that does the job and is nice to the eye :wink:

However, there are no client App on Android that would allow me to manage torrents (only the WebUI, but I don’t like to open my browser and authenticate each time…) No problem, though, as I would consider developping a client app myself, using the RESTful API already provided.

I can access the API from the server itself, at localhost:3000 but I cannot find how to do it from outside. I have set the application to be invisible to visitors (which is sane), but that means that if I want to curl something to Simple Torrents, I will be faced with the SSO login page.

I am missing a piece here: how to deal with this page? Is there an authentication method that would allow me to reach Simple Torrents through this page, like a basic auth, a digest, or even some kind of token?
I am missing some important piece on the inner workings of SSO and probably Nginx too. Would someone be so kind as to explain to me how this is possible:

To reach localhost:3000 from outside (or any other port really)

I think this is a simple question for someone who knows the answer, but I don’t even know what to type in my search engine to get going…

Cheers

I guess you could open the port directly, but that would also freely expose the port to attackers, which ain’t good … So yeah, that’s why it’s behind the SSO. Unfortunately there’s no super-cool mechanism to bypass the SSO, except this which checks for a Proxy-Authorization header which basically works like regular Basic Auth. You need to feed some sort of base 64 encoded login+password (which therefore ain’t so great for a script, since you kinda end up hard-code your password in a file somewhere so uhg … ideally a token would be better I suppose)

1 Like

Merci Aleks !
I’ll make some tests and see if I can come up with a good way to use this Basic Auth. The password could be encrypted and only decrypted on requests, using some crypto key (with OpenKeyChain e.g.)
Anyway, thanks for the tip!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.