No way to protect the service from unauthorized access

[thankarezos]

I am trying to set up my own stremio web, I am using the stremio docker service and nginx as reverse proxy. I want to use my server outside the network, but there is no secure way, I can lock the frontend with basic HTTP authorization, but there is no way to do the same with service because the stremio-web doesn't allow a way to put the basic authorization. I even tried to make nginx create some cookies and then use these cookies to authenticate, but apparently stremio-web doesn't sent cookies to the service so nginx can't check it (it worked via postman). I tried to use a guid on url. it works with app.strem.io but it doesn't work with stremio-web because it omits on player it and sends the request to the domain without the route (also that makes it harder to use routes for the service, for example mydomain.com/service doesn't work)

I think 3 things need to happen.

1. allow the use of basic authentication on server url
2. don't omit routes on player mydomain.com/service should go to mydomain.com/service not mydomain.com
3. maybe forward the cookies so you can identify the client when making requests

Also, the fact that I need separate domain is quite annoying became I can't have mydomain.com for the front and mydomain.com/service for the service and I have to use separate subdomains.

The only secure way I found is local access with vpn but its not the desirable way