Closed gustaavv closed 2 weeks ago
The query string auth method is mostly meant for the OPDS feeds -- I wouldn't use it for an entire client.
Do you use both an api key and basic auth? It should be simple enough to add the ability to use custom headers, and if an api key isn't defined, the extra Authorization header won't be added.
Do you use both an api key and basic auth?
No, I don't. I don't intend to call the protect APIs from client. I just want Ichaival can have access to the public APIs. And I haven't enabled No-Fun Mode.
My LANraragi server is behind an Nginx instance with basic authentication.
To pass the basic auth, the request headers must contain:
So, It would be nice if users can set custom request headers in the Server section in settings.
Thanks.
Given that you are using
Authorization
header to send api key, I recommend using query string?key=[API_KEY]
to pass the authentication of LANraragi. Otherwise, it will conflict with basic auth of Nginx.