Closed mimranfaruqi closed 2 months ago
I concur, a simple authentication is probably good. But a 2FA is an overkill. The reason is that even with 2FA, I would not put this service on the Internet. It requires far more than 2FA to protect the service.
If the service is more suitable for home private network hosted. A simple 1FA is good enough and easier to manage. So that we don't have family members see what each other watching/listening.
But a related issues is logged in users should only see his own downloads. But that will soon become a bigger and bigger project. ;-)
You can use Authelia or similar solutions to implement this, see here: https://github.com/alexta69/metube?tab=readme-ov-file#running-behind-a-reverse-proxy
Hi,
This is very good solution that you have deployed here. I use this on a personal domain, however, this also expose anyone on the internet to download anything onto my machine - could be virus or simply waste of bandwidth. It would be really nice to have authentication or OAuth or maybe SSO configurable. Perhaps, through environment variables as optional.
Thank you