bypass profile select
This commit is contained in:
Mateusz Gruszczyński
11
auth.md
11
auth.md
@@ -35,6 +35,9 @@ PYTORRENT_AUTH_PROXY_AUTO_CREATE_PERMISSION=rw
|
||||
# Optional: trusted direct-IP/local hosts that should skip pyTorrent auth.
|
||||
# Use this only on private networks, never on public proxy hostnames.
|
||||
PYTORRENT_AUTH_BYPASS_HOSTS=10.11.1.11:8090,10.11.1.11
|
||||
|
||||
# Existing active user used by bypassed requests. Defaults to admin.
|
||||
PYTORRENT_AUTH_BYPASS_USER=admin
|
||||
```
|
||||
|
||||
|
||||
@@ -137,15 +140,19 @@ Example:
|
||||
PYTORRENT_AUTH_ENABLE=true
|
||||
PYTORRENT_AUTH_PROVIDER=tinyauth
|
||||
PYTORRENT_AUTH_BYPASS_HOSTS=10.11.1.11:8090,10.11.1.11
|
||||
|
||||
# Existing active user used by bypassed requests. Defaults to admin.
|
||||
PYTORRENT_AUTH_BYPASS_USER=admin
|
||||
```
|
||||
|
||||
Behavior:
|
||||
|
||||
- requests with `Host: 10.11.1.11:8090` or `Host: 10.11.1.11` use the built-in default admin user;
|
||||
- requests through the reverse proxy still require the configured auth provider;
|
||||
- profile permissions are ignored for bypassed direct-IP requests because they run as the default admin user;
|
||||
- `PYTORRENT_AUTH_BYPASS_USER` must point to an existing active user; when unset, pyTorrent uses `admin`;
|
||||
- if the bypass user is `admin`, profile permissions are ignored because admins can access all profiles;
|
||||
- when no active profile is saved for the bypass user, pyTorrent opens the profile picker instead of silently selecting the first profile;
|
||||
- after selecting a profile, the choice is saved in the default user's preferences and reused on the next direct-IP visit.
|
||||
- after selecting a profile, the choice is saved in the bypass user's preferences and reused on the next direct-IP visit.
|
||||
|
||||
Do not add public domains to this list.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user