I suggest ...

Username and password to access bliss

An admin user and password account is a must. Authorisation should be delivered via HTTP basic authentication at least.

Later (but this is not the subject of this idea), further accounts with read only and/or write access would be great. Access control could allow read/write access to certain things such as certain albums, artists etc. Some accounts would be able to reorganise certain things. This would be especially useful if future API functions are made available.

30 votes
Sign in
Sign in with: facebook google
Signed in as (Sign out)

We’ll send you updates on this idea

ZoomZoomLuke shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Sign in with: facebook google
Signed in as (Sign out)
  • Wouter Teepe commented  ·   ·  Flag as inappropriate

    I like this idea. Just one simple password would be already pretty good.
    Using https (even when just with a self-signed cert) would be a nice plus to actually protect the password against being snooped when accessing bliss through wifi (who doesn't today). (and wireless encryption is generally crappy).

  • Anonymous commented  ·   ·  Flag as inappropriate

    Great idea. currently I'm opening and closing port 3220 when I want to work on the albums from outside my network.

  • AdminDan Gravell (Founder and programmer, bliss) commented  ·   ·  Flag as inappropriate

    Ok, well I prefer small steps, so can we change this idea to "Authenticated access to bliss", specifying minimum of HTTP basic authentication and the fact that there is only one level of authorisation: access? There would be no finer grained access control rules for this idea, that can come later.

    I'm interested in the car PC project, let me know if I can be of any further help. I've had some previous contact from people who have installed bliss on ARM architectures.

  • ZoomZoomLuke commented  ·   ·  Flag as inappropriate

    Hi Dan. The absolute minimum would be HTTP basic authentication as an option to protect the web interface from abuse. From a personal point of view, I intend to expose bliss to the internet for remote access on my vortexbox as i stream across the web. From a development point of view, we are developing an android based media hub (Arm9) for inclusion within a 2-din unit for car use. This will automatically sync and have a custom front end, but will require at least basic auth as a minimum security measure if we are to offer bliss as a plugin (which we would like to do, based on its simple UI)

Feedback and Knowledge Base