TiddlyWiki5 password protection
1,681 views
Skip to first unread message
Steve Meacham
Jun 5, 2015, 1:38:17 PM6/5/15
to tiddl...@googlegroups.com
My goal is to have a private but web-accessible TiddlyWiki5. So far, I have it running on Debian using node.js. Nginx is a reverse proxy, making it accessible only by using HTTPS (SSL). All of this works.
What remains is to prevent others from seeing or modifying it's content. I don't understand how the TiddlyWiki5's password feature(s) work. Can they put it behind a password wall? Or maybe there is some form of authentication that nginx can add?
Please advise. Several days of searching here and through Google have left me still empty-handed.
Sylvain Naudin
Jun 5, 2015, 4:37:18 PM6/5/15
to tiddl...@googlegroups.com
Hi Steve,
Le vendredi 5 juin 2015 19:38:17 UTC+2, Steve Meacham a écrit :
My goal is to have a private but web-accessible TiddlyWiki5. So far, I have it running on Debian using node.js. Nginx is a reverse proxy, making it accessible only by using HTTPS (SSL). All of this works.
Do you have followed howto and/or have you a link, just be curious :) I play with Node.js since 2 days, and SSL sound great (I've PI 2).
What remains is to prevent others from seeing or modifying it's content. I don't understand how the TiddlyWiki5's password feature(s) work. Can they put it behind a password wall? Or maybe there is some form of authentication that nginx can add?
Did you notice that with Node.js you can configure your login/password on command line ? Do you see this : http://tiddlywiki.com/#ServerCommand
With this, you have to complete login/password modal before you can access your tiddlywiki.
Is that you want ?
(If you want read access only, I don't have the answer, so I'm interesting too ^^')
Cheers,
Sylvain
c pa
Jun 5, 2015, 4:58:08 PM6/5/15
to tiddl...@googlegroups.com
Password access is configured on the "Saving" tab of $:/ControlPanel (Accessible from the little gear icon above the menu)
Once you set a password and save the tiddlywiki is protected so you need the password to edit it. You can still read it. So give the password to anyone you want to edit and don't to the rest.
People can still save a local copy to their own machine of the TiddlyWiki.
Once you set a password and save the tiddlywiki is protected so you need the password to edit it. You can still read it. So give the password to anyone you want to edit and don't to the rest.
People can still save a local copy to their own machine of the TiddlyWiki.
Jeremy Ruston
Jun 5, 2015, 5:01:14 PM6/5/15
to tiddl...@googlegroups.com, tiddl...@googlegroups.com
Hi Steve
The best approach here is probably to add a username and password to the --server command:
Best wishes
Jeremy
On Fri, Jun 5, 2015 at 9:58 PM, 'c pa' via TiddlyWiki <tiddl...@googlegroups.com> wrote:
Password access is configured on the "Saving" tab of $:/ControlPanel (Accessible from the little gear icon above the menu)
Once you set a password and save the tiddlywiki is protected so you need the password to edit it. You can still read it. So give the password to anyone you want to edit and don't to the rest.
--
You received this message because you are subscribed to the Google Groups "TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+...@googlegroups.com.
To post to this group, send email to tiddl...@googlegroups.com.
Visit this group at http://groups.google.com/group/tiddlywiki.
To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/8bc86a97-d59a-4be0-a8e6-d7dbe730a37f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Steve Meacham
Jun 5, 2015, 5:46:26 PM6/5/15
to tiddl...@googlegroups.com
Now that I have the node.js app (tiddlywiki5) doing basic auth, I'm a step closer. Now I must figure out how to proxy that through nginx. So far, not so good. Thanks for the help, though.
Mircea S.
Jun 7, 2015, 7:10:18 AM6/7/15
to tiddl...@googlegroups.com
This will probably clear up a few questions.
Short answer: they are not encrypted on the server itself.
It's basically encrypted in transit and arrives encrypted in the client's browser, which in turn uses that password to decrypt it. Interesting, To the end user, it's similar to what SSL does exept for the browser part.
Look into ServerCommand, but I'll probably need SSL for that to make something more than just an authenticator.
--
You received this message because you are subscribed to the Google Groups "TiddlyWiki" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tiddlywiki+...@googlegroups.com.
To post to this group, send email to tiddl...@googlegroups.com.
Visit this group at http://groups.google.com/group/tiddlywiki.
To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/41f1c1f1-bba5-4513-95cb-4340d33b71bf%40googlegroups.com.
Jeremy Ruston
Jun 7, 2015, 7:22:31 AM6/7/15
to TiddlyWiki
Just to be clear, TiddlyWiki has three distinct features related to passwords/encryption:
* The ability to encrypt the content of a single file wiki. This is done with the "encrypt" button in the sidebar tools
* The ability to set a password when saving to TiddlySpot. This is done in the "Saving" tab of control panel
* The ability to use standard HTTP basic authentication with the Node.js server configuration. This is done on the command line with the "--server" command. Combined with SSL, this gives the same level of transit encryption as you'd get with online services like Google or Dropbox, but there is no encryption of data on disc
Best wishes
Jeremy.
To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/456DFDAA-E8DC-429A-A586-DCC67E71FEAD%40unom.ro.
Reply all
Reply to author
Forward
0 new messages