Authentication
Porthole provides built-in password protection to secure your local development environment when shared over the public internet.
Password Protection Workflow
Section titled “Password Protection Workflow”When you start a tunnel with the --password flag (or configured via environment variables), Porthole intercepts incoming requests.
- Unauthenticated Request: If a user visits your tunnel URL without a valid session cookie, they are redirected to a built-in login page.
- Login Page: The login page provides a simple interface to enter the tunnel password.
- Session Management: Upon successful authentication, a secure cookie is set in the user’s browser, allowing them to access the tunneled application.
To enable password protection, run:
porthole 3000 --password your-secure-password