Comments (8)
Could we make a separate ticket for auth and close this? I'm interested in that too, but there should be one feature request per ticket. So maybe if everything else here has been dealt with, we can close this? Otherwise, please open separate ticket for those too. Then we can close this. Thanks!
Please post the new ticket links here when done.
from send.
Authentication can be applied in some form using Basic HTTP authentication through a reverse proxy in front of a Send instance.
I tried that and on the desktop version of the site it works, however mobile users are prompted for the password to download, and if they hit cancel, the download works. Then they get offered the option to try uploading. Authentication for the uploader would be really nice to have baked in to the code.
from send.
Done, new issue here #32
from send.
@AliMickey for you or anyone else arriving here via Google, the relevant config options to change the download expiration time are:
# set the global limit enforced by the backend for all CLI/UI/API users
MAX_EXPIRE_SECONDS=315360000
# set the options available in the UI dropdown (first item is the default)
EXPIRE_TIMES_SECONDS=3600,86400,604800,2592000,31536000,157680000
# set the default expiration for CLI/API users
DEFAULT_EXPIRE_SECONDS=157680000
You can see these options, their defaults, and more limit configuration options available here: https://github.com/timvisee/send/blob/master/server/config.js
from send.
Hi there, first of all, thanks for your suggestions.
- Increase 7 day download limit time to something longer. (1 month perhaps).
(...)
I looked at the config file and i can see a max value for the seconds, i can try and help in this area.
I assume you're suggesting this for my public instance (https://send.vis.ee/). I set this to 7 days to limit disk usage and to make it less attractive for malicious intent (in turn preventing DMCAs and such). Note that I pay for hosting myself (with the help of some awesome donators though). I therefore don't have any plans to increase this limit. It is just intended for 'quick sharing' after all.
You may choose to host your own instance though! On your own instance you can set the limits to anything you'd like.
- Enable video streaming directly through the web if the file is a compatible file.
I'm afraid this is hard to implement with the current decrypting/downloading setup, especially with wide browser support. Sadly, I don't have the time available to make such big changes for this. If there's someone would like to give this a try though, sure, go ahead!
- Authentication for uploading.
What would you suggest? A password for the upload page, or real account authentication?
Send did have Firefox Account Authentication, but it has been removed because Mozilla does not allow usage of this in third party projects.
Authentication can be applied in some form using Basic HTTP authentication through a reverse proxy in front of a Send instance.
I'm sorry to say that the answer to most of your idea's is a 'no' for now. I hope you understand.
from send.
-
i meant on this repository, im hosting it myself and i can change it. But i mean for others as well. Is the config file only thing i need to change or is there a gui change as well?
-
is understandable, ill look into some solutions for that.
-
i would think a simple password check would be enough. I will look into this as well.
Also my instance works if i access it over direct ip, but going through https on reverse proxy is breaking uploading. Is there something i have to enable on nginx?
from send.
Is the config file only thing i need to change or is there a gui change as well?
You only have to apply the change in the configuration file. In fact, you can change the configuration properties through environment variables. They are listed in the configuration file.
Also my instance works if i access it over direct ip, but going through https on reverse proxy is breaking uploading. Is there something i have to enable on nginx?
I don't think so. Web sockets must be supported for uploading, but I don't think this requires setting anything explicitly. You might want to take a look at this Docker example, which deploys an nginx reverse proxy.
from send.
Yes i think having a simple GUI based password for uploading would be better opposed to http auth.
@timvisee I dont have any experience with the framework/language you are using, but could you point towards the main file where i would need to make the required changes for authentication? I would like to look around, thanks.
from send.
Related Issues (20)
- Total max file size of an instance HOT 2
- Transfer speed drops considerably as soon as the tab is not active HOT 3
- SSO or LDAP auth
- Fix permission on upload folder in docker HOT 2
- Anyone figured out a way to force dark mode? HOT 4
- Any way to make the upload accessible only for internal users and download for external? HOT 2
- If you click the logo then you're redirected to the homepage. How can I turn this off? HOT 2
- Logo reverse back after npm run build
- Error with redirection because of the # in the last part of the link url
- Add `unlimited` as an option for max downloads when sharing a file
- Uploading a folder not working HOT 2
- CUSTOM_DESCRIPTION does not seem to work
- Using send with password behind apache reverse proxy failed HOT 2
- Uploads fail after Send has been running for a extended period fo time HOT 1
- Can`t install Send
- Is it possible to recover an expired link data? HOT 1
- customizing the text under Simple, private file sharing HOT 2
- Is there a possibility to keep the unexpired send-archive always visible? HOT 1
- [FEATURE REQUEST] Add folder picker option like WeTransfer HOT 3
- [Request] ARM64 Support HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from send.