Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature Request]: Add the ability to specify authorization data in addition to the host #289

Open
PhantomArt opened this issue Jun 27, 2024 · 2 comments
Assignees
Labels
enhancement New feature or request

Comments

@PhantomArt
Copy link

Is your feature request related to a problem? Please describe.

My AUTOMATIC1111 panel is open to the Internet via https and closed by authorization. I want to be able to connect to it from openOutpaint.

Describe the solution you'd like

I've written the details below.

Proposed workflow

The solution is to add an Authorization header to all HTTP requests, something like this:

headers["Authorization"] = "Basic " + btoa(username + ":" + password);

After this, the headers need to be passed to fetch.

I suggest adding optional username and password parameters and placing them in the interface as fields next to the host field.

Describe alternatives you've considered

About a year ago I found all the fetch calls in the code and hardcoded this header there in a hurry, and it worked. I don't remember if I had to change anything else in the code, but I remember that it didn't take long.

Additional context

No response

@PhantomArt PhantomArt added the enhancement New feature or request label Jun 27, 2024
@seijihariki
Copy link
Collaborator

While easy to implement, we need to decide where this information would be persisted, if at all. If not persisted, authentication would have to be required on every refresh. If persisted, we could store the credentials in localStorage. Although that is a bit insecure, I don't think there are much better alternatives...

We can add a "remember me" on the login prompt so the user can choose whether to store the plaintext credentials or not (maybe with a warning).

What do you think, @zero01101?

@zero01101
Copy link
Owner

@PhantomArt apologies for missing this for so long, i'm bad at this

@seijihariki O_O hey man! holy cow, how've you been? to be perfectly honest, i've done so very little with this other than keeping controlnet actually working and the soft inpainting - effectively, i'm down for whatever as long as it doesn't impede non-credentialed use lol :D no argument about plaintext maybe shouldn't live in localstorage on a basic security standpoint but we're not exactly doing banking here so it's probably pretty ok as long as folks stick to good password hygiene ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants