You seem to have mentioned in readme that you plan to support it later.

No user accounts. Not the focus right now. You can define separate collections for separate users based on the directory structure, but there is no authentication or authorization support.

Would it be possible to add basic support for admin only account. Probably in configuration.yml

password: "some_hashed_password"
collections:
   .....
   .....

I think something like this would make sense to support at some point. What are the things you would expect only an admin be able to do?

One way would be also to use something like oauth2-proxy with support for the authorization part here 🤔

My thought on the password was a super simple hack to get the site authenticated before a proper user accounts is added. As for full blown user account I would like it to support LDAP or OIDC. This comes with some complexity such as who as permissions for collections and so on. I put admin since it is only me currently will use it and when it support full user accounts will share it with other members in the family.

// auth middleware
  if configuration.password == nil {
     return;
  }

  if !req.IsAuthenticated() {
      if req.IsHtml() {
        res.redirect("/login")
      } else {
          res.status(401)
      }
   }

Currently I just want to protect the site with some sort of auth so anyone can't access the site.

I'd like to second this. This looks like a great project, and my wife would love it as an alternative to paying Apple every month. Just need authentication so we can access it from outside the LAN.
Keep up the great work.