Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: User accounts instead of one server password #54

Closed
Zimbelstern opened this issue Nov 8, 2019 · 4 comments
Closed

Feature request: User accounts instead of one server password #54

Zimbelstern opened this issue Nov 8, 2019 · 4 comments
Labels
enhancement New feature or request

Comments

@Zimbelstern
Copy link

As I would like to let several people use my server for location sharing, user accounts with separate password would come in handy. Consider the following advantages:

  • Better security: no need to change the server's password if a user leaks the password or if the permission for a user to use the server is revoked
  • Better compatibility: user accounts could be connected to other services (e.g. prosody in my case) with a single password per user for all services

Off topic:
Thank you so much for the development of this app and server! I had virtually been trying every location sharing app on F-Droid, most of them didn't work, were bloated, or I couldn't manage to setup the server. I was about to write my own application when I finally found Hauk!
@bilde2910
Copy link
Owner

Hi! Really good to hear that Hauk works well for you :-)

There was some discussion a while ago about adding user authentication support, but I didn't do more about it then, as I assumed that instances would be small enough that the password would only be shared with trusted individuals. That said, you do provide some valid arguments for user authentication, and I'll see what I can do about it.

I have several options on how to implement authentication. The simplest case would be a static .htpasswd-file-based approach where users are added to a file, but that doesn't integrate well. I can also add a RADIUS- and/or LDAP-based alternative authentication flow. Aside from that, do you have any suggestions or preferences of authentication protocols that could be implemented into Hauk? I don't know what works well with existing solutions.

@bilde2910 bilde2910 added the enhancement New feature or request label Nov 8, 2019
@Zimbelstern
Copy link
Author

Great to hear that my request is regarded! :-) It's not that I don't trust my users' secrecy. But you have to trust their phones and the way of communication with them, too.

I am familiar with the htpasswd-based approach because the CalDAV and CardDAV server radicale is using it but as I don't have any experiences with RADIUS or LDAP, I guess I am the wrong person to ask.

In my case, with only a handful of personally known users and focusing mainly on the XMPP service, my setup is still small enough to handle the accounts for each service manually. But as I am planning to extend my portfolio of free and privacy-friendly services, I will probably have to look into central user management tools one day.

@bilde2910
Copy link
Owner

I'll start off with htpasswd then. It's the easiest to implement by far.

@bilde2910 bilde2910 mentioned this issue Nov 10, 2019
Closed
@bilde2910
Copy link
Owner

This will be live in v1.4.

@bilde2910 bilde2910 mentioned this issue Dec 5, 2019
Closed
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bilde2910 @Zimbelstern