Basic authentication is not recommended for production environments. It is primarily intended for testing and development purposes. For production deployments, consider using more secure authentication methods like Google or OIDC.

Configuration

To enable basic authentication, you need to set the following environment variables:
AUTH_SECRET
string
required
A secret key used to encrypt tokens and sign cookies. This can be generated by running:
openssl rand -base64 32
If Google or OIDC authentication is not configured, basic authentication will be enabled by default. However, if you want to use basic authentication alongside other methods, you must explicitly set AUTH_CREDENTIALS_ENABLED to true.

Usage

With basic authentication enabled, a new “Sign up” button will be displayed in the /login page where users can sign up using their email and password.