Open seekr opened 4 years ago
I think we'd also need HTTPS working for this, since otherwise we'd be sending the password (and all data) in plaintext. I've experimented with Site.js in this branch but haven't configured it with a hostname yet.
I think we should be wary of people using Oasis remotely unless they know what they are doing. I think it would be cool to access Oasis remotely via a Tor onion service or over SSH.
What's the problem you want solved?
I wanted to host Oasis in a remote server while restricting access to it to myself. Right now, I could run it in
--public
mode, but I wouldn't be able to post either. Temporarily making it non--public
could work, but it would leave the system vulnerable during that time.Is there a solution you'd like to recommend?
For now, I think Basic Authentication could work to protect publicly available Oasis instances (password stored in a config file?). In the future maybe we can have a access management section in Settings.
What version or commit of Oasis are you using?
commit 15417422a48ad57b39e088ae088dbfaee648e354