Password Protection
Individual files can be protected with a password. It is also possible to protect the entire dir-browser instance with a global password.
Both file passwords and a global password can be used at the same time.
File passwordβ
A file can be protected with a password, which is stored in a dbmeta.json file.
Protected files can only be downloaded/viewed after unlocking them with the correct password. However, they are still visible in the file tree.
Protected files will display a key icon next to their name in the file tree.
Definitionβ
See Metadata for more information on how to define metadata for a file.
At this time, only files can be protected with a password, not directories. This may change in the future.
Hashβ
The hash should be generated using PHP's password_hash function.
You can generate one using the following command or use an online generator.
php -r "echo password_hash('foobar', PASSWORD_DEFAULT);"
{
"password_hash": "$2y$10$kwS/gp3aGLQ.DqUNhiqiPe1HDBN4mYlyfd06DIC/157L9WAaWngIy"
}
Plaintextβ
{
"password": "foobar"
}
Do not specify both password and password_hash.
Accessβ
Via UIβ
When accessing a protected file, you will be prompted to enter the password.
https://dir-demo.adriansoftware.de/examples/foo%20%20%20bar/bla%20bla.txt
GET requestβ
Specify the password as a key parameter in the URL:
https://dir-demo.adriansoftware.de/examples/foo%20%20%20bar/bla%20bla.txt?key=foobar
POST requestβ
Or as part of a POST request
curl -X POST https://dir-demo.adriansoftware.de/examples/foo%20%20%20bar/bla%20bla.txt -d "key=foobar"
Global passwordβ
The entire dir-browser instance can be protected with a global password using basic auth.
Definitionβ
βοΈ Configuration
| Variable | Default | Values | Details |
|---|---|---|---|
| PASSWORD_USER | <empty> | <string> | Usernameadded in v3.3 |
| PASSWORD_RAW | <empty> | <string> | Plaintext passwordadded in v3.3 |
| PASSWORD_HASH | <empty> | <hash> | Hash of a password. See definition above.added in v3.3 |
How to set configuration options
Use
docker run...- ...with
-e PASSWORD_USER=<empty> - ...with
--env-file .envand placePASSWORD_USER=<empty>in the file
PASSWORD_USER and either PASSWORD_RAW or PASSWORD_HASH is mandatory to specify.
Accessβ
Via UIβ
When accessing the dir-browser, your browser will prompt you to enter a username and password.
GET requestβ
Specify the username:password pair base64 encoded in the Authorization header.
For example if the username is admin and the password is foobar then Base64 encode admin:foobar to YWRtaW46Zm9vYmFy.
curl https://dir-demo.adriansoftware.de/examples/burger.jpg -H "Authorization: Basic YWRtaW46Zm9vYmFy"
POST requestβ
Or as part of a POST request
curl -X POST https://dir-demo.adriansoftware.de/examples/burger.jpg -H "Authorization: Basic YWRtaW46Zm9vYmFy"