python-eel / Eel

A little Python library for making simple Electron-like HTML/JS GUI apps
MIT License
6.3k stars 580 forks

Security Tokens #380

Open bitnom opened 3 years ago

bitnom commented 3 years ago

Recommend adding a security feature to "start" such as secure=True|False which requires any client connecting on the bottle port to supply a randomly generated token to connect. We may not want other localhost applications to be able to make requests to the Eel app. The token could be sent to Eel by GET or POST and then added to a cookie.

perskes commented 1 month ago

I would really appreciate this too. It appears that eel uses bottle as a webserver, and bottle at least supports a decorator for basic auth. I don't trust myself with implementing this in a tool (eel) I haven't used a lot, but I would approach it if @ChrisKnott would give us their opinion. https://stackoverflow.com/a/52461939
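The token scheme proposed in the first comment, sketched as an added example that is not Eel's or bottle's own code: a generic WSGI middleware (bottle applications are WSGI callables) that accepts a per-launch random token once by GET, moves it into a cookie, and rejects every other request. `TokenGate`, `COOKIE_NAME`, the `token` query parameter, `call` and `demo_app` are hypothetical names, and wiring this into `eel.start` is not shown.

```python
import hmac
import secrets
from http.cookies import SimpleCookie
from urllib.parse import parse_qs

COOKIE_NAME = "app_token"  # hypothetical cookie name

class TokenGate:
    """WSGI middleware: reject requests that lack the per-launch token."""

    def __init__(self, app, token=None):
        self.app = app
        # Fresh random token per launch; the launcher puts it in the URL it opens.
        self.token = token or secrets.token_urlsafe(32)

    def _matches(self, candidate):
        # Constant-time comparison avoids leaking the token through timing.
        return hmac.compare_digest(candidate.encode(), self.token.encode())

    def __call__(self, environ, start_response):
        cookie = SimpleCookie(environ.get("HTTP_COOKIE", ""))
        if COOKIE_NAME in cookie and self._matches(cookie[COOKIE_NAME].value):
            return self.app(environ, start_response)
        query = parse_qs(environ.get("QUERY_STRING", ""))
        supplied = query.get("token", [""])[0]
        if supplied and self._matches(supplied):
            # First contact: set the cookie and redirect to the same path
            # without the query string, so the token leaves the address bar.
            attrs = "HttpOnly; SameSite=Strict; Path=/"
            start_response("303 See Other", [
                ("Location", environ.get("PATH_INFO") or "/"),
                ("Set-Cookie", f"{COOKIE_NAME}={self.token}; {attrs}"),
            ])
            return [b""]
        start_response("403 Forbidden", [("Content-Type", "text/plain")])
        return [b"missing or invalid token"]

def demo_app(environ, start_response):
    # Stand-in for the real application being protected.
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello"]

def call(app, path="/", query="", cookie=""):
    """Drive a WSGI app in-process; returns (status, headers dict, body)."""
    seen = {}
    def start_response(status, headers):
        seen["status"], seen["headers"] = status, dict(headers)
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path,
               "QUERY_STRING": query, "HTTP_COOKIE": cookie}
    body = b"".join(app(environ, start_response))
    return seen["status"], seen["headers"], body
```

The gate only helps if the same check also covers the WebSocket handshake, and if the launcher passes the token to the browser without exposing it to other local processes (for example through a world-readable command line or log).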