Implement HTTP basic auth

[persidskiy]

Do you guys have such plans? I would like to install it in my private network and share with colleagues.

[muesli]

It should be fairly easy to integrate and I'm not opposed to it. I do recommend a simple nginx/apache/caddy reverse proxy with HTTPS around it, though.

[dgrr]

Related with https://github.com/muesli/beehive/issues/105

[Skrylar]

Do you guys have such plans? I would like to install it in my private network and share with colleagues.

Huginn does have separate user/pass and some degree of separation between individual user's creating agents and setting up chains. Beehive would probably need the concept of separate users though.

Pitching in a few cents, when it comes to actually verifying the passwords:

• Almost every web server has some way to do this. Actually the web servers probably have more ways to do it than a random microservice. Either through basic auth, http digest, kerberos, some kind of LDAP backed system. (Apache and Lighttpd for free, nginx has an easy way but is paid, and in all cases there are plugins to get around this.)
• Support for authenticating proxies is actually easier and quicker to implement than doing it yourself, at least on the dev side. Keycloak/LemonLDAP/Authelia just stuff the username either in the URL or as an X-Header depending on configuration.

Those are probably overkill and do require some setup on the user end, but:

• You probably don't run only beehive, if you are running in a multi-user environment and,
• Eventually you will want a way to share accounts across the services you do run, and,
• Keycloak/Lasso take over maintenence of the social accounts (OAuth, OpenID Connect) for you (LemonLDAP I think only likes LDAP and database servers, and isn't quite as built around social accounts but I might be very wrong on this), and ultimately,
• All the application does is check a header, the authenticating proxies do the security lifting and reduce people having to audit the login code for every single service they are using.

[dmoonfire]

For my Nginx setup, I went with:

    location / {
        auth_basic "BeeHive";
        auth_basic_user_file "/path/to/beehive.passwd";
    }

It was off-the-cuff, but works out for single user site.