Add key-based authentication to management service

Intended to be the simplest auth possible: every time the service starts, a random key is written to `/var/lib/mailinabox/api.key`. In order to authenticate to the service, the client must pass the contents of `api.key` in an HTTP basic auth header. In this way, users who do not have read access to that file are not able to communicate with the service.
2026-03-04 15:54:48 +01:00 · 2014-06-21 23:42:48 +00:00
parent 326cc2a451
commit 067052d4ea
3 changed files with 94 additions and 2 deletions
--- a/setup/start.sh
+++ b/setup/start.sh
@@ -118,6 +118,7 @@ PUBLIC_HOSTNAME=$PUBLIC_HOSTNAME
 PUBLIC_IP=$PUBLIC_IP
 PUBLIC_IPV6=$PUBLIC_IPV6
 CSR_COUNTRY=$CSR_COUNTRY
+API_KEY_FILE=/var/lib/mailinabox/api.key
 EOF

 # Start service configuration.