Securing against non logged in users...
As the titles suggests, I am trying to make it so that a user needs to be logged in to see anything, rather than just logged in to be an admin.
I must be missing something really really simple, as any user I have can be read only or admin, but if you are not logged in, it can still read my webapps, etc.
I have searched around the docs, which touch upon UNIX like permissions, and various web posts that talk about the security.json, and settings.json, but I am not understanding how I can simply not let users access any SignalK data without being logged in.
I could setup a reverse proxy, but on a Raspberry Pi, this seems like overkill, as there is no point setting up a reverse proxy if it is not actually done properly, and seems a lot of effort if there exists a better way.
So here I am, finally asking in here, to see if I just missed something obvious, or if I have to actually hack my way to stopping the average bot from looking at my autopilot info?
Thanks in advance!
2 Replies
In security settings this works for me...dashboard, webapps and data browser are not accessible unless you log in.
Sorry for the late reply, that basically fixed it, I cannot believe I was chasing a complicated solution for something that was right there! Thanks!