Basic Auth system (for read-only / read-write access)

Question

Basic Auth system (for read-only / read-write access)

comm2k opened this issue 12 years ago · comments

Thanks for the auth-work so far. We would need a stand-alone solution. As you mentioned in issue #1 if a basic auth system is required I should open a new issue - here it is ;-)

We'd prefer not having to use a reverse proxy (I'd have to read up and set up one first etc.)
Also we're not embedding ethercalc in another app, we're using it 'pure' :)

comm2k · Answer 1 · Sat Apr 28 2012 16:03:20 GMT+0800 (China Standard Time)

Alternatively if anyone can provide a how-to/guide on setting up auth with reverse proxy - that would be highly appreciated.

唐鳳 · Answer 2 · Sun May 20 2012 23:39:38 GMT+0800 (China Standard Time)

Oops -- sorry for the late reply! I was made aware of this issue just now.

Password-protected reverse proxy setup instructions with nginx are here:

http://kbeezie.com/view/protecting-folders-with-nginx/
https://help.ubuntu.com/community/Nginx/ReverseProxy

I'll get a sample nginx configuration file checked in to the repository -- please ping me if you don't see a check-in to that effect by the next weekend. :-)

comm2k · Answer 3 · Tue May 29 2012 15:25:19 GMT+0800 (China Standard Time)

Trying it out - would love to see the sample config file :)

唐鳳 · Answer 4 · Tue May 29 2012 15:49:57 GMT+0800 (China Standard Time)

Hi! I've just checked in a sample config for nginx. The steps I've used to set it up is:

cd ethercalc
git pull
brew install nginx # or "apt-get install nginx", etc
nginx -p `pwd`/nginx/ -c conf/nginx.conf
node app.js --key secret # change "secret" to something site-specific

Connect to http://localhost:9000/ as usual; editors can use username "foo" and password "bar" to login and edit pages in authenticated URLs such as http://localhost:9000/xyz/edit ; readers may use normal read-only URLs such as http://localhost:9000/xyz (without the edit part).

To adjust the authentication passwords beyond the default foo/bar, use the htpasswd tool that comes with Apache to edit the nginx/conf/.htpasswd file:

# Adding password for user newuser
htpasswd -b nginx/conf/.htpasswd newuser newpass
# Deleting password for user foo
htpasswd -D nginx/conf/.htpasswd foo

Hope this helps!

Cheers,
Audrey

唐鳳 · Answer 5 · Tue May 29 2012 15:52:08 GMT+0800 (China Standard Time)

BTW, after using Ctrl-C to stop node app.js, nginx would still be running, so we need an additional step to send the stop signal to it:

nginx -p `pwd`/nginx/ -s stop

comm2k · Answer 6 · Tue May 29 2012 21:21:28 GMT+0800 (China Standard Time)

Thanks for the updates but I can't get this to work.
What works: ethercalc / alone
What does not work: ethercalc via nginx/proxy. I can open the ethercalc page, click "create spreadsheet" and then start editing but this never actually is forwarded to ethercalc. All data that is input via nginx is only visible to the current client and is lost if you reopen that session. The password prompt for /edit works.

唐鳳 · Answer 7 · Wed May 30 2012 01:49:45 GMT+0800 (China Standard Time)

Hi! Please ensure you have nginx 1.1.4 or later (preferably nginx 1.2.0), as verified by nginx -v.

After that, please try git pull to get the latest code (71eb154), and restart both EtherCalc and nginx, the latter with an explicit -c flag if you're running nginx 1.2.0:

nginx -p `pwd`/nginx/ -s stop
nginx -p `pwd`/nginx/ -c conf/nginx.conf
node app.js --key secret

Please let me know if it helps!

dreirund · Answer 8 · Sat May 11 2019 16:08:32 GMT+0800 (China Standard Time)

Can this be put into the documentation? There should it go, instead of referring from the documentation to an issue ...