search

seblucas / cops

Calibre OPDS (and HTML) PHP Server : web-based light alternative to Calibre content server / Calibre2OPDS to serve ebooks (epub, mobi, pdf, ...)
http://blog.slucas.fr/en/oss/calibre-opds-php-server
GNU General Public License v2.0
1.43k stars 229 forks source link

Password Protection #369

Closed Promethean81 closed 6 years ago

Promethean81 commented 7 years ago

First of all a big thank you for building this awesome piece of software. I have struggled a lot of the last year with running Calibre's own server on my QNAP and it was a pain in the butt - from frequent crashes to the use of memory and CPU. COPS solves all of that, is super-fast and reliable. Thumbs up!

Now the only thing that bothers me is that there is no possibility to control access via password as for example included in Ubooquity. I know that you mentioned protecting your server via http/https auth but as I am not really fit when it comes to any form of coding or system administration I can't figure out how to do it (if there is a tutorial somewhere I'd be glad if someone could link it!) and would very much love to see a possibility to configure users and password access via the options tab.

Any chance of that happening (or maybe someone helping me out how to set up http/https auth on QNAP?)? Thanks a bunch in advance!

I am currently running COPS 1.0.0RC3 from a .qpkg as posted here: https://forum.qnap.com/viewtopic.php?f=320&t=101794

horus68 commented 7 years ago

Please see the wiki https://github.com/seblucas/cops/wiki/User-based-config

seblucas commented 7 years ago

COPS can be protected with HTTP basic auth with your webserver (it's explained in other issues). This is the preferred method.

If QNap webserver can't do that (very unlikely) then you can use COPS' integrated password protection but you really should prefer using your webserver.

yxeGithub commented 7 years ago

I just setup my QNAP to do password authentication.

  1. Create a file called .htpasswd and add usernames and passwords to it using this website http://www.htaccesstools.com/htpasswd-generator
  2. In the COPS directory at the root of it edit the file called .htaccess (it is hidden so make sure you can see hidden files)
  3. Remove the # from the bottom few lines and making sure that you reference your .htpasswd
  4. Make sure you leave the line AuthGroupFile commented out (with a #) as it didnt exist in my system and cause a server 500 error.

My .htaccess file = 

<FilesMatch "(index|feed)\.php">
AuthUserFile /share/Web/COPS/.htpasswd
#AuthGroupFile /dev/null
AuthName “Private Area“
AuthType Basic
Require valid-user
</FilesMatch>
ubupl commented 6 years ago

Set AuthUserFile /mnt/HDA_ROOT/.config/shadow and COPS will use NAS users .

yxeGithub commented 6 years ago

Nice that it a better way to handle user access. Thanks for sharing

martineheetik commented 5 years ago

When i do this i get a 500 internal server error. Without the htaccess file i can reach my database. Help