I already wrote about tiny tiny RSS (tt-rss) in this article.
So far, the login-mechanism of tt-rss was used. However, tt-rss also allows to use authentication mechanisms of an webserver, which allowes the usage of htAccess and htUser-Files.
To activate external authentication, I first edited config.php and changed ALLOW_REMOTE_USER_AUTH to true (you find it around line 130):
define('ALLOW_REMOTE_USER_AUTH', true);
After that, I hat to tell Apache to protect the directory:
<Directory /var/www/tt-rss>
AuthName "RSS Feedreader"
AuthType Basic
Require valid-user
AuthUserFile /my/user/file
</Directory>
After reloading Apache I was a bit surprised. I got an authentication-dialog, entered username and password, and got the tt-rss login screen. The funny thing: the username I entered here was ignored. But I had to enter something.
I tried to find out why this happened. I finally found a little hack which prevented the login screen:
In functions.php, I edited line 1959. I replaced
if ($login_action == "do_login") {
through
if (defined('ALLOW_REMOTE_USER_AUTH') && ALLOW_REMOTE_USER_AUTH
&& $_SERVER["REMOTE_USER"] && $login != "admin") {
authenticate_user($link, '', '');
$_SESSION["ref_schema_version"] = get_schema_version($link, true);
} elseif ($login_action == "do_login") {
And finally it worked. As far as I can tell, this hack has no side-effects. It even works with the mobile view. But I don’t want to be responsible for any problem 😉
Have fun!