- edited description
[CDS API] Access Groups via Multiple User Accounts
The CDS API doesn't currently support the access group feature available via DLNA which users, especially with young children find very useful. This would also allow users to share a limited set of media with friends and family (i.e. share just a few photo albums).
Ideally, this would be added by extending the API to support multiple user accounts.
:23423/rest/remote
should be extended to list mutiple accounts, each with a username
, password
, and accessGroupId
. This would allow users to assign the same access groups that they use via DLNA to a specific user account.
:23424/cds/login
should be extended to accept an additional Username
header which is used to pick the password the check the supplied signiture against.
All endpoints that accept an authToken
as a parameter should then use the authToken
to detrmine the accessGroupId
(i.e. by storing the accessGroupId
with the authToken
at login time) and return the appropriate content.
Comments (10)
-
reporter -
repo owner I have to think about this a bit. My idea is to have a centralized web app, like my.serviio.org, which would be used to log into, and it'd then redirect the user to the last known public IP of their server. User accounts would then be managed there, instead of in the local serviio server instance.
Any ideas are welcome.
-
reporter That would definately make things more seamless for the users. You could allow multiple accounts to be tied to a server, with the option of a different access group. That would allow the server admin to give limited account to kids/friends/relatives. Then when the user signs in the see the list of servers tied to their account.
Obviously this is all quite a bit of work, what sort of time frame are you looking at? If its going to be a while, then I'll propose the intermedite solution of enforcing Full vs Limited access at the client side, by requiring the user to enter the password again if they change the access group. (Requires the option to pass an
accessGroupId
tobrowse
/search
requests, which should be fairly easy to implement server side). -
repo owner I'm about to start implementing the simple solution with passing accessGroupId. Are you still ok with that?
-
repo owner - changed version to 1.5
-
repo owner - removed version
-
repo owner Created
#788as the simple solution, to keep the original ticket still available and open. -
reporter Yes still OK with the simple solution if the full one isn't going to happen any time soon. Thanks!
-
Account Deleted This would be very useful option along with the current access controls
-
repo owner - changed status to wontfix
Will be resolved by
#931 - Log in to comment