dutchcoders/transfer.sh
1
0
Fork 0
mirror of https://github.com/dutchcoders/transfer.sh.git synced 2026-02-03 06:03:25 +00:00
Code Issues 48 Actions Packages Projects Releases Wiki Activity

Feature: skip auth from specific IP #97

New Issue
Closed
opened 2026-01-19 18:28:57 +00:00 by michael · 11 comments
michael commented 2026-01-19 18:28:57 +00:00
Owner
Copy Link

Originally created by @michaelscl on GitHub.

Hi,

We use the service to exchange files between customers. It would make the work easier to not require upload authentication when accessing from defined IPs.

What do you think?

best regards

Michaels

Originally created by @michaelscl on GitHub. Hi, We use the service to exchange files between customers. It would make the work easier to not require upload authentication when accessing from defined IPs. What do you think? best regards Michaels
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@toastie89 commented on GitHub:

@aspacca, thanks for the workaround!
Having one container with HTTP_AUTH_USER and another with IP_WHITELIST pointing both to the same storage works fine.

@toastie89 commented on GitHub: @aspacca, thanks for the workaround! Having one container with `HTTP_AUTH_USER` and another with `IP_WHITELIST` pointing both to the same storage works fine.
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@paolafrancesca commented on GitHub:

@michaelscl I see some value indeed, while I'm not sure about the extra complexity in configuration

just an idea at infra level: have you thought about hosting two instances pointing at the same storage, one with and one without upload authentication, and route to the second from the IPs you'd like to whitelist?

@paolafrancesca commented on GitHub: @michaelscl I see some value indeed, while I'm not sure about the extra complexity in configuration just an idea at infra level: have you thought about hosting two instances pointing at the same storage, one with and one without upload authentication, and route to the second from the IPs you'd like to whitelist?
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@paolafrancesca commented on GitHub:

have you thought about hosting two instances pointing at the same storage, one with and one without upload authentication, and route to the second from the IPs you'd like to whitelist?

hello @michaelscl where you able to try this solution?

@paolafrancesca commented on GitHub: > have you thought about hosting two instances pointing at the same storage, one with and one without upload authentication, and route to the second from the IPs you'd like to whitelist? hello @michaelscl where you able to try this solution?
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@toastie89 commented on GitHub:

@aspacca nice idea, I will give it a try

@toastie89 commented on GitHub: @aspacca nice idea, I will give it a try
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@michaelscl commented on GitHub:

@aspacca Yes, this is a partial solution for me. For the convenience of uploading from our lan, I didn't want to use HTTP_AUTH at all.
I use the program through a reverse proxy and sometimes I have a problem with HTTP_AUTH - the login window doesn't pop up and it shows an error.

@michaelscl commented on GitHub: @aspacca Yes, this is a partial solution for me. For the convenience of uploading from our lan, I didn't want to use HTTP_AUTH at all. I use the program through a reverse proxy and sometimes I have a problem with HTTP_AUTH - the login window doesn't pop up and it shows an error.
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@paolafrancesca commented on GitHub:

@michaelscl do you think the provided solution at infra level is satisfying?

I will look into adding NO_HTTP_AUTH_FROM_WHITELIST in case

@paolafrancesca commented on GitHub: @michaelscl do you think the provided solution at infra level is satisfying? I will look into adding `NO_HTTP_AUTH_FROM_WHITELIST` in case
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@paolafrancesca commented on GitHub:

@michaelscl
as I said my main concern was about complexity of the configuration.

I think a solution migth be to add NO_HTTP_AUTH_FROM_WHITELIST

@paolafrancesca commented on GitHub: @michaelscl as I said my main concern was about complexity of the configuration. I think a solution migth be to add `NO_HTTP_AUTH_FROM_WHITELIST`
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@paolafrancesca commented on GitHub:

I think YES, if the implementation is easy.

I was talking about this solution:

have you thought about hosting two instances pointing at the same storage, one with and one without upload authentication, and route to the second from the IPs you'd like to whitelist?

@paolafrancesca commented on GitHub: > I think YES, if the implementation is easy. I was talking about this solution: > have you thought about hosting two instances pointing at the same storage, one with and one without upload authentication, and route to the second from the IPs you'd like to whitelist?
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@michaelscl commented on GitHub:

@michaelscl do you think the provided solution at infra level is satisfying?

I think YES, if the implementation is easy.

@michaelscl commented on GitHub: > @michaelscl do you think the provided solution at infra level is satisfying? I think YES, if the implementation is easy.
michael commented 2026-01-19 18:28:57 +00:00
Author
Owner
Copy Link

@michaelscl commented on GitHub:

have you thought about hosting two instances pointing at the same storage, one with and one without upload authentication, and route to the second from the IPs you'd like to whitelist?

Yes, but this is such a noodle solution. As I wrote. This whole thing is just a suggestion. It's up to you if you decide to implement it or not.

@michaelscl commented on GitHub: > have you thought about hosting two instances pointing at the same storage, one with and one without upload authentication, and route to the second from the IPs you'd like to whitelist? Yes, but this is such a noodle solution. As I wrote. This whole thing is just a suggestion. It's up to you if you decide to implement it or not.
michael commented 2026-01-19 18:28:58 +00:00
Author
Owner
Copy Link

@paolafrancesca commented on GitHub:

@michaelscl #538 in the case an IP already passed the IP filters authorise automatically for upload

not sure how useful it is. if you currently use the ip filter but you still set an http auth it means you want to differentiate two sets of ip filter lists: the one for get request and the one for upload requests

indeed I'm going to refactor the code in PR and provides a separated http auth ip filter lists because it is the only thing that makes sense

@paolafrancesca commented on GitHub: @michaelscl #538 in the case an IP already passed the IP filters authorise automatically for upload not sure how useful it is. if you currently use the ip filter but you still set an http auth it means you want to differentiate two sets of ip filter lists: the one for get request and the one for upload requests indeed I'm going to refactor the code in PR and provides a separated http auth ip filter lists because it is the only thing that makes sense
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
docker
enhancement
hacktoberfest
help wanted
invalid
question
storage provider
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
michael
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: dutchcoders/transfer.sh#97
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?