some sort of access control

[aaronpk]

Is there any interest in adding some form of access control to limit who can upload files? I'm interested in using this, but I would be the only person I'd want to be able to upload files.

An API key for the upload API would be simple. Some sort of login to limit the web interface would be a bit more work.

[geek-at]

There's a config setting "UPLOAD_CODE" that requires a code (specified in the config) for each upload. It's not yet implemented but will be soon

[thieman]

Alternatively, for my use case it'd be fine if I could use the secret upload URL and then disable the API upload capability entirely. Unless there's a way to do that now that I'm not seeing?

[npalladium]

This is something I'm interested in too. (Even disabling the API completely after the upload is done is fine.)

And thanks for the amazing project. Works like a charm with Lemmy.

[geek-at]

Since I have discovered that someone has uploaded CSAM (Child sexual abuse material) AGAIN on pictshare.net I'll implement this feature today or in the coming days as I'm sick and tired of sending reports to Interpol

[carcinocron]

@geek-at were you able to implement it?

[geek-at]

Yes at the moment I have implemented the ALLOWED_SUBNET Config field where you can enter a CDIR range for IPs that are allowed to upload. But havent implemented the UPLOAD_CODE config setting yet