nuriel77 / hornet-playbook

Ansible Playbook for Hornet IOTA Full Node
MIT License

Login/password for API (wallet) #39

Closed Torgalide closed 2 years ago

Torgalide commented 3 years ago

Hi Nuriel77, More a question than an issue. How to manage login/password for wallet connection (/api)? Thx

nuriel77 commented 3 years ago

The /api paths used for wallet connections are not protected with login password.

Is that what you mean?

Torgalide commented 3 years ago

Yes I know, question was how to protect with login/password. I want to choose who can connect.

nuriel77 commented 3 years ago

You'd have to remove the wallet paths from permitted routes in the config.json. The best way of doing that is by overwriting the hornet config. The only thing you need to overwrite is the hornet_config_restAPI_permittedRoutes variable. Maybe to something like this in the override file:

hornet_config_restAPI_permittedRoutes:
  - "/health"
  - "/api/v1/info"

Torgalide commented 3 years ago

This will disable access to /api for everyone. I want to be able to connect my wallet, but just me.

nuriel77 commented 3 years ago

I don't think this is possible, if I understand you correctly. Which paths/access do you want to keep available for everyone?

By default the config has these permittedRoutes:

jq .restAPI.permittedRoutes <  /var/lib/hornet/config.json
[
  "/health",
  "/mqtt",
  "/api/v1/info",
  "/api/v1/tips",
  "/api/v1/messages/:messageID",
  "/api/v1/messages/:messageID/metadata",
  "/api/v1/messages/:messageID/raw",
  "/api/v1/messages/:messageID/children",
  "/api/v1/messages",
  "/api/v1/transactions/:transactionID/included-message",
  "/api/v1/milestones/:milestoneIndex",
  "/api/v1/milestones/:milestoneIndex/utxo-changes",
  "/api/v1/outputs/:outputID",
  "/api/v1/addresses/:address",
  "/api/v1/addresses/:address/outputs",
  "/api/v1/addresses/ed25519/:address",
  "/api/v1/addresses/ed25519/:address/outputs",
  "/api/v1/treasury"
]

These allow access to the wallet. By limiting only to /health and /api/v1/info people can view the node's health and basic information.
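
An added example, not part of the thread or the playbook's code: a Python check that lists which permitted routes go beyond /health and /api/v1/info, and tests whether a request path would be served under a given permittedRoutes list. The sample config is constructed from route names quoted above, and the rule that a ":name" segment matches exactly one path segment is an assumption, not taken from Hornet's source.

```python
import json
import re

# Constructed sample: a trimmed config.json using route names quoted in the thread.
SAMPLE_CONFIG = json.loads("""
{"restAPI": {"permittedRoutes": [
  "/health", "/mqtt", "/api/v1/info", "/api/v1/tips",
  "/api/v1/messages/:messageID",
  "/api/v1/addresses/:address/outputs",
  "/api/v1/treasury"
]}}
""")

# Routes the thread names as enough to expose only health and basic info.
MINIMAL = {"/health", "/api/v1/info"}


def route_regex(route):
    """Compile a route pattern; assumption: ':name' matches one path segment."""
    parts = [
        "[^/]+" if seg.startswith(":") else re.escape(seg)
        for seg in route.split("/")
    ]
    return re.compile("^" + "/".join(parts) + "$")


def is_permitted(path, routes):
    """True if the request path matches any permitted route pattern."""
    return any(route_regex(r).match(path) for r in routes)


def audit(config, minimal=MINIMAL):
    """Return permitted routes beyond the minimal set, sorted."""
    routes = config.get("restAPI", {}).get("permittedRoutes", [])
    return sorted(set(routes) - set(minimal))


if __name__ == "__main__":
    routes = SAMPLE_CONFIG["restAPI"]["permittedRoutes"]
    print("routes beyond minimal set:", audit(SAMPLE_CONFIG))
    # Constructed request paths; "abc123" stands in for an address.
    for path in ("/health", "/api/v1/addresses/abc123/outputs", "/not/listed"):
        for label, rs in (("sample", routes), ("override", sorted(MINIMAL))):
            print(f"{path:36} {label:9} permitted={is_permitted(path, rs)}")
```

To audit a real node, pass `json.load(open("/var/lib/hornet/config.json"))` to `audit()` in place of the sample.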