Username and password to access bliss
An admin user and password account is a must. Authorisation should be delivered via HTTP basic authentication at least.
Later (but this is not the subject of this idea), further accounts with read only and/or write access would be great. Access control could allow read/write access to certain things such as certain albums, artists etc. Some accounts would be able to reorganise certain things. This would be especially useful if future API functions are made available.
-
Jason Schafer has written up some instructions on setting up an NGINX proxy in Windows, and I've adapted his instructions for Linux/OS X: https://www.blisshq.com/music-library-management-blog/2017/03/07/setting-up-bliss-authentication/
-
Wouter Teepe commented
I like this idea. Just one simple password would be already pretty good.
Using HTTPS (even when just with a self-signed cert) would be a nice plus to actually protect the password against being snooped when accessing bliss through wifi (who doesn't today?). (And wireless encryption is generally crappy.)
-
dale commented
user password be plus for login
keep secure
-
Anonymous commented
Great idea. Currently I'm opening and closing port 3220 when I want to work on the albums from outside my network.
-
Ok, well I changed the idea to be a first, simple small step to introduce username/password authentication.
-
Ok, well I prefer small steps, so can we change this idea to "Authenticated access to bliss", specifying minimum of HTTP basic authentication and the fact that there is only one level of authorisation: access? There would be no finer grained access control rules for this idea, that can come later.
I'm interested in the car PC project, let me know if I can be of any further help. I've had some previous contact from people who have installed bliss on ARM architectures.
-
ZoomZoomLuke commented
Hi Dan. The absolute minimum would be HTTP basic authentication as an option to protect the web interface from abuse. From a personal point of view, I intend to expose bliss to the internet for remote access on my vortexbox as I stream across the web. From a development point of view, we are developing an Android-based media hub (Arm9) for inclusion within a 2-din unit for car use. This will automatically sync and have a custom front end, but will require at least basic auth as a minimum security measure if we are to offer bliss as a plugin (which we would like to do, based on its simple UI).
-
Thanks for this. What would you say is the absolute minimum first step? Adding a username/password challenge to bliss? Would you actually use this, and what are the reasons for using a username/password challenge?