Basic Auth system (for read-only / read-write access)

[comm2k]

Thanks for the auth-work so far. We would need a stand-alone solution. As you mentioned in issue #1 if a basic auth system is required I should open a new issue - here it is ;-)

• We'd prefer not having to use a reverse proxy (I'd have to read up and set up one first etc.)
• Also we're not embedding ethercalc in another app, we're using it 'pure' :)

[comm2k]

Alternatively if anyone can provide a how-to/guide on setting up auth with reverse proxy - that would be highly appreciated.

[audreyt]

Oops -- sorry for the late reply! I was made aware of this issue just now.

Password-protected reverse proxy setup instructions with nginx are here:

http://kbeezie.com/view/protecting-folders-with-nginx/
https://help.ubuntu.com/community/Nginx/ReverseProxy

I'll get a sample nginx configuration file checked in to the repository -- please ping me if you don't see a check-in to that effect by the next weekend. :-)

[comm2k]

Trying it out - would love to see the sample config file :)

[audreyt]

Hi! I've just checked in a sample config for nginx. The steps I've used to set it up is:

cd ethercalc
git pull
brew install nginx # or "apt-get install nginx", etc
nginx -p `pwd`/nginx/ -c conf/nginx.conf
node app.js --key secret # change "secret" to something site-specific

Connect to http://localhost:9000/ as usual; editors can use username "foo" and password "bar" to login and edit pages in authenticated URLs such as http://localhost:9000/xyz/edit ; readers may use normal read-only URLs such as http://localhost:9000/xyz (without the edit part).

To adjust the authentication passwords beyond the default foo/bar, use the htpasswd tool that comes with Apache to edit the nginx/conf/.htpasswd file:

# Adding password for user newuser
htpasswd -b nginx/conf/.htpasswd newuser newpass
# Deleting password for user foo
htpasswd -D nginx/conf/.htpasswd foo

Hope this helps!

Cheers,
Audrey

[audreyt]

BTW, after using Ctrl-C to stop node app.js, nginx would still be running, so we need an additional step to send the stop signal to it:

nginx -p `pwd`/nginx/ -s stop

[comm2k]

Thanks for the updates but I can't get this to work.
What works: ethercalc / alone
What does not work: ethercalc via nginx/proxy. I can open the ethercalc page, click "create spreadsheet" and then start editing but this never actually is forwarded to ethercalc. All data that is input via nginx is only visible to the current client and is lost if you reopen that session. The password prompt for /edit works.

[audreyt]

Hi! Please ensure you have nginx 1.1.4 or later (preferably nginx 1.2.0), as verified by nginx -v.

After that, please try git pull to get the latest code (71eb154), and restart both EtherCalc and nginx, the latter with an explicit -c flag if you're running nginx 1.2.0:

nginx -p `pwd`/nginx/ -s stop
nginx -p `pwd`/nginx/ -c conf/nginx.conf
node app.js --key secret

Please let me know if it helps!

[dreirund]

Can this be put into the documentation? There should it go, instead of referring from the documentation to an issue ...