madiele / vod2pod-rss

Vod2Pod-RSS converts a YouTube or Twitch channel into a podcast with ease. It creates a podcast RSS that can be listened to directly inside any podcast client. VODs are transcoded to MP3 on the fly and no server storage is needed!
MIT License
230 stars 6 forks source link

Allow for authentication or other ways to securely set up as public instance #216

Open primeapple opened 1 month ago

primeapple commented 1 month ago

So I don't know if this even is an issue, but I would like to hear your thoughts on it!

I currently have vod2pod set up on my local network. This is fine, but I would rather have it on my public server. This should probably be just fine but I worry a bit about someone taking advantage of it and adding tons and tons of podcasts, thus driving the network usage up.

One way to solve this would be by requiring a auth token, when creating a feed. Another help would be to make it easier to monitor the amount of currently subscribed channels.

What do you think? Do you think there even is a problem with the application being abused?

madiele commented 1 month ago

It's an issue I'm interested in too, there is definitely a need for some kind of auth, my current idea is to support auth via authelia, authentik and so on more than implementing my own, and just secure the feed by requiring some generated hash when generating the feed for the first time and require it as input when fetching the feed and mp3s, then adding a simple password login is also doable.

Thanks for reporting that there is some interest in such a feature, as for when I'll implement it, no idea... my time for side project is pretty low at the moment

Martin-Fox commented 4 weeks ago

I just solved this using cloudflare tunnel. But it will be nice to have build-in authentication system. But this means or one password for all, or users system (which is more complicated).