-
Notifications
You must be signed in to change notification settings - Fork 490
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow the WebUI to connect to an authenticated API #2243
Comments
I managed to get it to work by putting the secret token in a cookie and by using a Nginx reverse proxy to pass the cookie into an authorization header server {
listen 80;
location / {
proxy_http_version 1.1;
proxy_pass https://ipfs.example.com/;
proxy_ssl_server_name on;
proxy_set_header Authorization "Bearer $cookie_token";
proxy_pass_header Authorization;
client_max_body_size 100M;
}
} Then go to your proxy url
Reload the page and voila |
I think there is an old code that support Basic Auth (#836, #1586), but afaik there is no support for The basic auth credentials are passed in URL form: @hazae41 does Basic Auth work for you (then we can close this), or do you need ability to pass custom |
Thanks, I will try Yet |
When the WebUI is same-origin, I can successfully go to But when the WebUI is cross-origin, its requests don't pass CORS, because it sends an The solution would be to always reply to I also noticed it can work with {"url":"https://ipfs.example.com","headers":{"authorization":"Bearer YOUR_TOKEN"}} |
Oops, seems like we needed more information for this issue, please comment with more details or this issue will be closed in 7 days. |
This issue was closed because it is missing author input. |
It's still an issue when connecting from a third-party, it's blocked by CORS
|
Can't you just set
Or is the problem that you don't control the node? |
Checklist
Description
ipfs/kubo#2389
Is there a way to connect to an authenticated API from the WebUI?
It seems the WebUI only accepts an URL or a Multiaddress without any possibility to customize the
Authorization
headerMaybe there should be a way to put the authorization into the URL via path or query parameters?
Thanks
The text was updated successfully, but these errors were encountered: