Authentication with webhooks and example authentication-backend#194
Authentication with webhooks and example authentication-backend#194neilschark wants to merge 22 commits intoGlimesh:mainfrom
Conversation
|
Oh hell yea! This is amazing, you rock @neilschark I will give input tonight. Just getting off a flight and excited to see this :) |
… via another backend
neilschark
force-pushed
the
authentication-with-webhooks
branch
from
0f25406 to
2a470ac
Compare
|
I worked a bit more on the issue and the authentication works know, but I have the problem, that streaming from OBS is stopped with an generic error after around 10 seconds. I will try to get some more log output in the near future to continue the work. |
|
@neilschark this PR is perfect. My lack of feedback is just busy from work. Im going to merge this weekend! What do you think of having That way you can independently develop and iterate and not be blocked on me. This also keep broadcast box small. |
|
@Sean-Der no worries, This is a side project and everyone knows that that unfortunately has always to be prioritized low. It's your project, if you want to have the authentication just as a separate project, that's fine by me. Just the webhook functionality has to be merged regardless. |
neilschark
force-pushed
the
authentication-with-webhooks
branch
from
41fdca3 to
358361c
Compare
|
As discussed, I created an PR with only the webhook implementation here: #224 It is mostly the implementation by https://github.com/mpisat. I will create a different project with a sort of "reference" implementation with pocketbase, as I initially planned to do in this project. From my point of view this PR can be closed. |
|
Closing for #224 which I am working on merging now :) Sorry this took so long everyone! I am so excited for this to land |
2 participants
Hello,
This is currently just a draft and not finished, but I am at a point where I think we should discuss the idea and implementation!
Background
as discussed in #140 there is the need for only allowing some people to stream to the server. A good solution was also proposed by https://github.com/mpisat: webhooks.
They also wrote some code in their own fork, but never opened a PR.
So I took the liberty of using their code as a base but also add an example/reference implementation of a authentication-backend, so that the project can deliver it for users to use.
Plan
The plan is, that each user has a username and also a streamkey. If they want to stream, the have to provide their token as a bearer token e.g.:
If their token matches a user (their user hopefully 😉 ) the stream gets accepted. For viewers to watch they can now go to
server/$usernameto watch the stream for this user. Authentication for viewers is currently NOT intended, but could be implemented in a similar way very easily in the future, as far as I understand the code.Current Implementation in this PR
What I have done: I used pocketbase (https://pocketbase.io/) as it offers an easy way of building a REST-API in go. For starters we just need users, streamkeys and some permissions on the endpoints and that's it. Pocketbase offers an easy way of doing this and you can also add tons of SSO options for log in, so each administrator of a broadcast-box could easily add the providers of its choice.
Currently I only created the database schema and an custom internal endpoint for the webhook. The permissions are also still missing.
I currently have to problem that I can not fully test the changes, as the local dev environment is not working for me (doesn't work on the main branch either), as the frontend refuses to display any video and shows the following error:
ERROR The fetching process for the media resource was aborted by the user agent at the user's request.Could anyone help me, how to get it to work? I followed this documentation for local testing: https://github.com/Glimesh/broadcast-box/blob/main/CONTRIBUTING.md
Any feedback for the current plan and help is appreciated!