social.tchncs.de is one of the many independent Mastodon servers you can use to participate in the fediverse.
A friendly server from Germany – which tends to attract techy people, but welcomes everybody. This is one of the oldest Mastodon instances.

Administered by:

Server stats:

3.9K
active users

Is there a web auth thing I can set up very easily that:
- is like htpasswd-based http basic auth but with a web form and a cookie instead of a browser-invoked dialog box
- is not a huge enterprisey SSO thing, tinier and simpler is better, if it includes the words "oauth" or "saml" it is too enterprisey
- ideally doesn't require changes to the things being authenticated to, would rather it behave like a reverse proxy
- the things being authenticated do not need to know who the user is, only "if a request makes it through to this endpoint, assume there is a valid user"

The problem I am trying to solve here is that I have some personal web-based tools, currently protected by http basic auth, of which I am the only user. But the UX for filling those auth dialogs in with my password manager is trash. I am not willing to switch browsers or password managers to fix it, so this is the only other variable I can play with.

edit: this gets much easier if you don't need it to be a literal reverse proxy; nginx.org/en/docs/http/ngx_htt is the bit I was looking for but did not know about.

nginx.orgModule ngx_http_auth_request_module
setq

@emily supports „Proxy Authorization“ which basically lets you use Authelia for something akin to http basic auth.

authelia.com/reference/guides/

Even though Authelia supports stuff like OIDC it‘s fairly simple to setup (while being rather flexible) and allows the definition of users and groups in plain files. Just like htpasswd.

Authelia · Proxy AuthorizationA reference guide on Proxy Authorization implementations