Recommendation: Authentication to access the web application - 2FA would be awesome

[mimranfaruqi]

Hi,

This is very good solution that you have deployed here. I use this on a personal domain, however, this also expose anyone on the internet to download anything onto my machine - could be virus or simply waste of bandwidth. It would be really nice to have authentication or OAuth or maybe SSO configurable. Perhaps, through environment variables as optional.

Thank you

[fanyangto]

I concur, a simple authentication is probably good. But a 2FA is an overkill. The reason is that even with 2FA, I would not put this service on the Internet. It requires far more than 2FA to protect the service.

If the service is more suitable for home private network hosted. A simple 1FA is good enough and easier to manage. So that we don't have family members see what each other watching/listening.

But a related issues is logged in users should only see his own downloads. But that will soon become a bigger and bigger project. ;-)

[alexta69]

You can use Authelia or similar solutions to implement this, see here: https://github.com/alexta69/metube?tab=readme-ov-file#running-behind-a-reverse-proxy