A web UI for rTorrent, qBittorrent and Transmission with a Node.js backend and React frontend. Migrate to v4: https://github.com/jesec/flood/wiki/Migrate-from-older-versions-of-Flood.
This change adds a config option disableUsersAndAuth. When it is enabled, the app makes no effort to try to authenticate users, skips the login and register pages and goes straight to the dashboard, using a hardcoded administrator user.
The settings for the hardcoded user are in the config under the block configUser.
Related Issue
Fixes #240.
Motivation and Context
Some servers have their own authentication methods (e.g. nginx basic_auth, LDAP, OAuth and so on). Instead of trying to re-implement everything here, make authentication optional so it can be added as a layer.
How Has This Been Tested?
I set it up on my server, tested it with rTorrent both with SCGI and socket settings. Monitoring the network requests shows no remaining 401s.
As long as the config flag is not flipped (and by default it's not, which is why I chose the "disable" version instead of "enable" as I would have liked), this change is a no-op.
Note that I didn't try every operation, but given the horizontal nature of the change, I would expect that if something works, everything works.
Screenshots (if appropriate): N/A
Types of changes
[ ] Bug fix (non-breaking change which fixes an issue)
[X] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to change)
Checklist:
[?] My code follows the code style of this project.
I think so, but please double-check!
[x] My change requires a change to the documentation.
[ ] I have updated the documentation accordingly.
I think mentioning it in the Wiki could be nice, but I updated the config template.
[?] I have read the CONTRIBUTING document.
Couldn't find one :/
[ ] I have added tests to cover my changes.
I'll need help on that one, I'm not very comfortable with Node.
[ ] All new and existing tests passed.
npm test -> "There are no tests yet."
jesec
commented
3 years ago
Description
This change adds a config option
disableUsersAndAuth. When it is enabled, the app makes no effort to try to authenticate users, skips the login and register pages and goes straight to the dashboard, using a hardcoded administrator user.The settings for the hardcoded user are in the config under the block
configUser.Related Issue
Fixes #240.
Motivation and Context
Some servers have their own authentication methods (e.g. nginx basic_auth, LDAP, OAuth and so on). Instead of trying to re-implement everything here, make authentication optional so it can be added as a layer.
How Has This Been Tested?
I set it up on my server, tested it with rTorrent both with SCGI and socket settings. Monitoring the network requests shows no remaining 401s. As long as the config flag is not flipped (and by default it's not, which is why I chose the "disable" version instead of "enable" as I would have liked), this change is a no-op. Note that I didn't try every operation, but given the horizontal nature of the change, I would expect that if something works, everything works.
Screenshots (if appropriate): N/A
Types of changes
Checklist:
npm test-> "There are no tests yet."