Gekko: Gekko UI - Authentification

// set this to true if you understand that Gekko will
// invest according to how you configured the indicators.
// None of the advice in the output is Gekko telling you
// to take a certain position. Instead it is the result
// of running the indicators you configured automatically.
//
// In other words: Gekko automates your trading strategies,
// it doesn't advice on itself, only set to true if you truly
// understand this.
//
// Not sure? Read this first: https://github.com/askmike/gekko/issues/201
config['I understand that Gekko only automates MY OWN trading strategies'] = true;

Yes I read it in the Readme

MY OWN means you personally...

Is this any relevant to the Gekko UI @decoye?

nevermind dude.

@decoye I believe he is saying that if he runs gekko on a remote server he does not want others to have access to it. Just because one is running gekko on something other than their workstation does not mean they're using it as a shared tool.

@numanWD A workaround would be to set up a firewall rule blocking access to all but your own IP. On an AWS ec2 machine you could open up the port in your security group to only your IP.

I did npm install http-auth... Then at the top of web/server.js I added

'// Authentication module. var auth = require('http-auth');
var basic = auth.basic({
realm: "Restricted",
file: __dirname + "/.htpasswd"
});

// Enable auth.
app.use(auth.koa(basic));'

Then create .htpasswd

Thanks @richardpetithory for the recap. You explained better than me.

@generalectric I will try your solution look simple and clean.

yes that would work (I'm open to a PR for this). But in the future I'd like to not worry about this: If you want auth, just put gekko behind a reverse proxy with auth (just like what prometheus recommends).

I am open for a PR, but I don't consider this a running issue. Advice is to put gekko behind a reversed proxy that handles auth.