koderhut / safenotes

SafeNotes a complete self-hosting secrets sharing app
Apache License 2.0

Authentication on note creation #44

Open Baptiste-Leterrier opened 3 years ago

Baptiste-Leterrier commented 3 years ago

Is your feature request related to a problem? Please describe.

If I host this solution, anyone can make safenotes. A restriction on who can make notes could be great.

Describe the solution you'd like

A toggleable authentication on the creation of a note. Not necessarily a login password. More like an auth basic, so only a set of people can create notes, while anyone can get a note without authenticating (but still by using the note password).

Describe alternatives you've considered

Maybe a simple auth basic on a reverse proxy could do the trick.

Baptiste-Leterrier commented 3 years ago

Currently managed using a reverse proxy (here nginx) and auth-basic: just "whitelist" these locations

location /app/view-note {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

location /app/modules {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

location /app/static {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

location /app/env.js {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

location /api/notes {
        auth_basic off;
        allow all;
        proxy_pass XXX;
}

and put auth basic on /

location  / {
        auth_basic "SafeNotes";
        auth_basic_user_file /etc/secure/.htpasswd;

        proxy_pass XXX;
}

Can also be included in a file for simpler modifications.
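
The setup from the comments above as a single server block, as an added example that is not part of the original issue or of the SafeNotes project: authentication is the server-wide default and only the listed paths opt out. With `/api/notes` exempted entirely, the basic-auth prompt covers only the UI, so this version also requires credentials for non-GET requests to the API. The upstream name, address and hostname are placeholders, and the `limit_except` rule assumes the app reads notes with GET and creates them with another method.

```nginx
# Added example, not from the issue. Hypothetical names: safenotes_backend,
# 127.0.0.1:8080, notes.example.test.
upstream safenotes_backend {
    server 127.0.0.1:8080;   # assumed address of the SafeNotes service
}

server {
    # Basic auth sends credentials base64-encoded, so serve this over TLS
    # in a real deployment; certificate directives are omitted here.
    listen 80;
    server_name notes.example.test;

    # Default for every location: credentials required.
    auth_basic           "SafeNotes";
    auth_basic_user_file /etc/secure/.htpasswd;

    # Public UI paths from the comment above, matched on a path boundary
    # so that e.g. /app/static-old does not inherit the exemption.
    location ~ ^/app/(view-note|modules|static|env\.js)(/|$) {
        auth_basic off;
        proxy_pass http://safenotes_backend;
    }

    # API: reads stay public, every other method needs credentials.
    # Assumption: notes are read with GET and created with another method;
    # confirm against the deployed version before relying on this.
    location /api/notes {
        auth_basic off;
        limit_except GET {
            auth_basic           "SafeNotes";
            auth_basic_user_file /etc/secure/.htpasswd;
        }
        proxy_pass http://safenotes_backend;
    }

    # Everything else, including the note-creation page.
    location / {
        proxy_pass http://safenotes_backend;
    }
}
```

If the app reads notes with a method other than GET, the `limit_except` block will also prompt readers for credentials and has to be adjusted to the methods actually used.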