this post was submitted on 23 Jul 2025
22 points (92.3% liked)

Selfhosted

49824 readers
1185 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
22
How to enhance Caddy's basic_auth? (lemmy.kde.social)
submitted 4 days ago by tubbadu@lemmy.kde.social to c/selfhosted@lemmy.world
13 comments fedilink hide all child comments
 

Hello fellow selfhoster! on my debian server I use Caddy as reverse proxy, and would like to protect some services and files with a password. I would like, however, to be able to access some protected files programmatically, from a script. using Caddy's built-in basic_auth works as intended, but I'd like to be able to use a login form instead of just a browser prompt. This is AFAIK not possible, so I'm looking for alternatives. Any idea?

you are viewing a single comment's thread
view the rest of the comments
[–] dgdft@lemmy.world 5 points 3 days ago (1 children)

How does programmatic access tie into the desire for a login form?

Either way, you can do a login form -> basic auth forwarding page by rigging up some simple JS, or access programmatically in a direct way by simply setting a manual Authorization header.

[–] tubbadu@lemmy.kde.social 2 points 3 days ago (1 children)

How does programmatic access tie into the desire for a login form?

I would like to keep files with "private" information protected from public access, but I would like to access them from a script. An example: i wrote a karaoke application to use with my friends, they have to go to a webpage and select the songs they like, and then the karaoke app connects to the server to get the updated preference file. I would like that the users had a "nice login form" to select their songs, and then I'd like my karaoke app to easily download the file while still keeping it password-protected

[–] dgdft@lemmy.world 1 points 3 days ago* (last edited 3 days ago)

Yeah, I believe you don’t need to extend Caddy at all for that.

Add a properly-formatted Authorization header to any requests you make to the server and it’ll work. See Wikipedia page for header string format:

https://en.wikipedia.org/wiki/Basic_access_authentication

On the webpage side, I’d have the login form make a POST to your login endpoint using a basic auth header to pull a JWT that acts as a “real” auth key for other pages.

This is all assuming you want to stick with basic auth as opposed to a more heavyweight option.