Feat: lighthouse book - ui authentication (sigp#4232)

## Proposed Changes Added page explanation for authentication under Siren UI book. ## Additional Info Please provide any additional information. For example, future considerations or information useful for reviewers.
Woodpile37 · Jan 6, 2024 · b3fed3a · b3fed3a
1 parent 2320cdb
commit b3fed3a
Show file tree

Hide file tree

Showing 7 changed files with 37 additions and 2 deletions.
diff --git a/book/src/SUMMARY.md b/book/src/SUMMARY.md
@@ -34,6 +34,7 @@
     * [Prometheus Metrics](./advanced_metrics.md)
 * [Lighthouse UI (Siren)](./lighthouse-ui.md)
 	* [Installation](./ui-installation.md)
+    * [Authentication](./ui-authentication.md)
 	* [Configuration](./ui-configuration.md)
 	* [Usage](./ui-usage.md)
 	* [FAQs](./ui-faqs.md)

diff --git a/book/src/imgs/ui-autoconnect-auth.png b/book/src/imgs/ui-autoconnect-auth.png
diff --git a/book/src/imgs/ui-exit.png b/book/src/imgs/ui-exit.png
diff --git a/book/src/imgs/ui-fail-auth.png b/book/src/imgs/ui-fail-auth.png
diff --git a/book/src/imgs/ui-session-auth.png b/book/src/imgs/ui-session-auth.png
diff --git a/book/src/lighthouse-ui.md b/book/src/lighthouse-ui.md
@@ -11,7 +11,7 @@ _Documentation for Siren users and developers._
 
 Siren is a user interface built for Lighthouse that connects to a Lighthouse Beacon Node and
 a Lighthouse Validator Client to monitor performance and display key validator
-metrics. 
+metrics.
 
 The UI is currently in active development. Its resides in the
 [Siren](https://github.com/sigp/siren) repository.
@@ -24,7 +24,8 @@ information:
 - [Installation Guide](./ui-installation.md) - Information to install and run the Lighthouse UI.
 - [Configuration Guide](./ui-configuration.md) - Explanation of how to setup
 	and configure Siren.
-- [Usage](./ui-usage.md) - Details various Siren components. 
+- [Authentication Guide](./ui-authentication.md) - Explanation of how Siren authentication works and protects validator actions.
+- [Usage](./ui-usage.md) - Details various Siren components.
 - [FAQs](./ui-faqs.md) - Frequently Asked Questions.
 
 ## Contributing

diff --git a/book/src/ui-authentication.md b/book/src/ui-authentication.md
@@ -0,0 +1,33 @@
+# Authentication
+
+To enhance the security of your account, we offer the option to set a session password. This allows the user to avoid re-entering the api-token when performing critical mutating operations on the validator. Instead a user can simply enter their session password. In the absence of a session password, Siren will revert to the api-token specified in your configuration settings as the default security measure.
+
+> This does not protect your validators from unauthorized device access. 
+
+![](imgs/ui-session-auth.png)
+
+Session passwords must contain at least:
+
+- 12 characters
+- 1 lowercase letter
+- 1 uppercase letter
+- 1 number
+- 1 special character
+
+
+## Protected Actions
+
+Prior to executing any sensitive validator action, Siren will request authentication of the session password or api-token.
+
+![](imgs/ui-exit.png)
+
+
+In the event of three consecutive failed attempts, Siren will initiate a security measure by locking all actions and prompting for configuration settings to be renewed to regain access to these features.
+
+![](imgs/ui-fail-auth.png)
+
+## Auto Connect
+
+In the event that auto-connect is enabled, refreshing the Siren application will result in a prompt to authenticate the session password or api-token. If three consecutive authentication attempts fail, Siren will activate a security measure by locking the session and prompting for configuration settings to be reset to regain access.
+
+![](imgs/ui-autoconnect-auth.png)