Why no login password?

[think2011]

I mean, this is a remote tools, isn't it?

[IonicaBizau]

That's good point. I started this to make have very simple terminal in the browser (locally). But since the project is growing I do see the need for authentication. :lock:

I use this locally, but it can be used remotely as well. It does make sense to have authentication.

[think2011]

:-)

[espoal]

shouldn't authentication be left at app level? web-term is just a tool, I would think about HTTPS before auth, as it is more useful.

Right now I launch nginx to encrypt web-term, and the application decide who can see what.

[IonicaBizau]

@servermeta web-term does have HTTPs support already. I think the issue talks primary about the command line tool which doesn't have authentication.

When using it as library, of course, it's up to the app to enable access or not.

[espoal]

how do you enable https?

[IonicaBizau]

web-term -h examples show:

web-term -C path/to/cert.pem -K path/to/key.pem

[IonicaBizau]

In the latest release I added a very basic authentication system based on a querystring param.

TL;DR Run web-term --authentication-key foo and in the browser access localhost:9000/?key=foo.

For other authentication methods, feel free to open issues. I'm going to close this one for now. This is a very quick implementation. /cc #63

---

I'm going to travel in the next weeks and I wanted to expose my laptop's terminal to the internet. :rocket: Here's how I did it:

Forward port 80, locally

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 4200

Setup port forwarding in the router

192.168.2.142, 79-81

Start web-term on port 4200

web-term -p 42 --authentication-key a-very-long-key-here

Then in the browser you can access:

<public-ip>/?key=a-very-long-key-here

/cc @dooma