I suggest ...

Username and password to access bliss

An admin user and password account is a must. Authorisation should be delivered via HTTP basic authentication at least.

Later (but this is not the subject of this idea), further accounts with read only and/or write access would be great. Access control could allow read/write access to certain things such as certain albums, artists etc. Some accounts would be able to reorganise certain things. This would be especially useful if future API functions are made available.

49 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    ZoomZoomLukeZoomZoomLuke shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    8 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Wouter TeepeWouter Teepe commented  ·   ·  Flag as inappropriate

        I like this idea. Just one simple password would be already pretty good.
        Using https (even when just with a self-signed cert) would be a nice plus to actually protect the password against being snooped when accessing bliss through wifi (who doesn't today). (and wireless encryption is generally crappy).

      • AnonymousAnonymous commented  ·   ·  Flag as inappropriate

        Great idea. currently I'm opening and closing port 3220 when I want to work on the albums from outside my network.

      • Dan GravellAdminDan Gravell (Founder and programmer, bliss) commented  ·   ·  Flag as inappropriate

        Ok, well I prefer small steps, so can we change this idea to "Authenticated access to bliss", specifying minimum of HTTP basic authentication and the fact that there is only one level of authorisation: access? There would be no finer grained access control rules for this idea, that can come later.

        I'm interested in the car PC project, let me know if I can be of any further help. I've had some previous contact from people who have installed bliss on ARM architectures.

      • ZoomZoomLukeZoomZoomLuke commented  ·   ·  Flag as inappropriate

        Hi Dan. The absolute minimum would be HTTP basic authentication as an option to protect the web interface from abuse. From a personal point of view, I intend to expose bliss to the internet for remote access on my vortexbox as i stream across the web. From a development point of view, we are developing an android based media hub (Arm9) for inclusion within a 2-din unit for car use. This will automatically sync and have a custom front end, but will require at least basic auth as a minimum security measure if we are to offer bliss as a plugin (which we would like to do, based on its simple UI)

      Feedback and Knowledge Base