SignalK / signalk-server

An implementation of a Signal K central server for boats.
http://signalk.org
Apache License 2.0

Option to bypass authentication when accessing from localhost #1712

Open tkurki opened 2 months ago

tkurki commented 2 months ago

People struggle with authentication. One solution to keeping remote connections secured against unauthenticated access but allowing straightforward access when the user is local would be to add an option for bypassing authentication and mapping access from localhost as admin.

tvr256 commented 2 months ago

@tkurki, I'm one of the users struggling with authentication. Running locally I continually get logged out, despite entering admin username/password and selecting "Remember me". Is this a bug or expected behaviour for local connections?

tkurki commented 2 months ago

What do you have configured as RememberMe timeout under Security / Settings?

tvr256 commented 2 months ago

Thanks for the pointer - I didn't even realise that setting was there! Would it be helpful to provide a hint on the login page?

Mine was set to 3 minutes, I assume that's the default value. Should the default be longer?

And finally, browsing the GitHub commits showed me you can set the value to "NEVER", but this isn't obvious from the settings page. Could we add NEVER to the example values?
