izderadicka
commented
3 years ago As per https://www.authelia.com/docs/home/architecture.html actually authelia should work for unauthenticated requests (with audioserve running with --no-authentication).
Then the requirements on android client would be:
a) Do not use default authentication via shared secret
b) Interact with login process of authelia - e.g. handle redirects - open browser window?
c) Inject authenticated cookie to communication
Just wondering if web client works fine with authelia. I hope it should -as redirection and cookies.
For android it's bit more complicated. I think it always uses default audioserve authentication which then produces Authorization: Bearer <token> header which is used in further communication.
I'll not look into it (I think it's rather marginal use case now), but if somebody want to, PRs are welcomed. So I'll keep issue opened.
ataraskov
I'm using audioserve behind authelia. Is it possible to adjust client for extra layer of authentication?