-
Notifications
You must be signed in to change notification settings - Fork 0
Authentication System
roto31 edited this page Dec 12, 2025
·
1 revision
StreamTV includes comprehensive authentication support for both Archive.org and YouTube using a web-based interface.
The authentication system provides:
- Web interface login pages for both services
- Automatic credential storage in macOS Keychain (Archive.org)
- Automatic re-authentication when sessions expire
- Secure credential management with proper storage and handling
Access: Settings → Archive.org (in sidebar) or /api/auth/archive-org
Features:
- Login form with username and password fields
- Shows current authentication status
- Logout button to remove credentials
- Automatic credential storage in Keychain (on macOS)
- Checks authentication status on server startup
- Re-prompts via SwiftDialog if authentication fails
- Automatically re-authenticates when accessing restricted content
- Handles session expiration gracefully
-
GET /api/auth/archive-org- Login page -
POST /api/auth/archive-org- Login with credentials -
DELETE /api/auth/archive-org- Logout -
GET /api/auth/archive-org/status- Check authentication status
Access: Settings → YouTube (in sidebar) or /api/auth/youtube
Features:
- Upload cookies file (cookies.txt format)
- Shows current authentication status
- Instructions for exporting cookies
- Remove authentication button
How to Export Cookies:
- Install browser extension:
- Chrome/Edge: "Get cookies.txt LOCALLY"
- Firefox: "cookies.txt"
- Visit youtube.com and login
- Click extension icon
- Export cookies to cookies.txt file
- Upload file via web interface
File Format:
- Netscape cookies format
- Must contain YouTube cookies
- Stored in
data/cookies/youtube_cookies.txt
-
GET /api/auth/youtube- Login page -
POST /api/auth/youtube/cookies- Upload cookies file -
GET /api/auth/youtube/status- Check authentication status -
DELETE /api/auth/youtube- Remove authentication
archive_org:
enabled: true
preferred_format: "h264"
username: "your_username" # Set via login
password: "your_password" # Set via login
use_authentication: true # Enabled after loginyoutube:
enabled: true
quality: "best"
extract_audio: false
cookies_file: "data/cookies/youtube_cookies.txt" # Set via login
use_authentication: true # Enabled after loginArchive.org:
- macOS: Stored in macOS Keychain (secure)
- Other platforms: Stored in config.yaml (encrypted recommended)
YouTube:
- Cookies file stored in
data/cookies/directory - File permissions should be restricted (chmod 600)
- Never commit credentials - config.yaml is in .gitignore
-
Restrict file permissions - Use
chmod 600for config.yaml and cookies files - Use Keychain on macOS - Automatic secure storage
- Rotate credentials - Change passwords periodically
- Monitor authentication - Check logs for authentication failures
Symptoms: "Invalid credentials" or "Login failed"
Solutions:
- Verify username and password are correct
- Check Archive.org account is active
- Try logging in via web interface
- Check network connectivity
- Review logs for detailed error messages
Symptoms: "Authentication required" or "Access denied"
Solutions:
- Verify cookies file is valid Netscape format
- Ensure cookies file contains YouTube cookies
- Re-export cookies after logging into YouTube
- Check cookies file path is correct
- Verify file permissions allow reading
Symptoms: Works initially, then fails
Solutions:
- Use web interface to re-login
- Check if credentials are still valid
- Archive.org sessions may expire - re-authentication is automatic
-
Archive.org:
- Go to Settings → Archive.org
- Enter username and password
- Click "Login"
- Credentials stored automatically
-
YouTube:
- Go to Settings → YouTube
- Export cookies from browser
- Upload cookies.txt file
- Authentication configured automatically
# Archive.org status
curl http://localhost:8410/api/auth/archive-org/status
# YouTube status
curl http://localhost:8410/api/auth/youtube/status# Archive.org logout
curl -X DELETE http://localhost:8410/api/auth/archive-org
# YouTube logout
curl -X DELETE http://localhost:8410/api/auth/youtubeFile: streamtv/utils/auth_checker.py
Function:
-
check_and_renew_archive_org_auth()- Check and re-prompt if needed
File: streamtv/api/auth.py
Endpoints:
- Archive.org login/logout/status
- YouTube cookies upload/status/remove
- Web interface pages
Archive.org Adapter:
- Automatic re-authentication on 403/401 errors
- Session cookie management
- Authentication status checking
YouTube Adapter:
- Cookies file support via yt-dlp
- Automatic cookie usage for authenticated requests
StreamTV includes Apple Passkey (WebAuthn) support for enhanced security when authenticating with YouTube OAuth.
- Biometric Authentication: Use Face ID or Touch ID
- Passwordless: No passwords required
- Secure: Public-key cryptography, phishing-resistant
- Integrated: Works seamlessly with YouTube OAuth flow
- Navigate to Settings → YouTube
- Click "Start OAuth with Passkey"
- Register a Passkey (first time) or authenticate with existing Passkey
- After Passkey verification, proceed to Google OAuth
See Passkey Authentication Documentation for complete details.
- Passkey Authentication - Complete Passkey guide
- Beginner Guide - Basic usage
- Intermediate Guide - Configuration details
- Expert Guide - Implementation details
- Troubleshooting Scripts - Automated troubleshooting
Last Updated: 2025-01-28