Header authentication about wallos HOT 3 OPEN

I am also looking at packaging this app for Sandstorm (sandstorm.org) and we eradicate authentication. If there is a way to tell it to accept a username from a HTTP header, it avoids us having to hack it together ourselves. ;)

We are obviously not unique in this strategy, so upstream support for it would likely benefit multiple self-hosting setups.

From a security standpoint, solutions using this method are proxying all traffic, so it's entirely safe to trust the presence of the header.

https://docs.sandstorm.io/en/latest/developing/auth/

from wallos.

I wouldn't know how to implement that securely at the moment. I'll give that a read and add this suggestion to my list.
Anyway, for now, you should only have to login once every 30 days (per device).
Thank you.

from wallos.

+1 self-hosted apps should have this by default: accept login tokens inbound via header as self-hosted environments or specific apps are reached via Tunnels or other VPN setups where inbound traffic is proxied through a reverse proxy, ideally pre-authenticated.
SSO makes total sense. Since containers are spun up quickly, a multitude of apps running locally, isolated in a secure way but have a common login layer. It drives me bonkers to login to all my different apps when switching tabs^^
Some of them are linked to OpenID or similar but its still a lot of silos making my life harder than it needs to be :-)

from wallos.