-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature] Add user support to Actual #524
Comments
Discussed in https://github.com/actualbudget/actual/discussions/123 Originally posted by Quigley-Brendan July 5, 2022 Any plans to make this happen? |
Was thinking about an alternate solution for implementing multi-user login based on what is currently available. Considering there is already per budget file encryption enabled, could it be an option to share the same login to the server instance, but instead of being presented with all budgets, the user would need to input their password for their encrypted budget file/s. All budgets that match that password, could then be shown and subsequently opened. This might be smoother to implement than multi user server login? |
That’s a good idea! Thinking about how that would work, we’d fetch all of the encrypted keys from the server, then try the password against all of them. I’m not sure if there would be a way for us to grant access to only the budgets encrypted with a given key in the backend since there isn’t exactly a way to prove that we can decrypt that key. But I think that’s definitely a good approach to investigate more! |
✨ Thanks for sharing your idea! ✨ This repository is now using lodash style issue management for enhancements. This means enhancement issues will now be closed instead of leaving them open. This doesn’t mean we don’t accept feature requests, though! We will consider implementing ones that receive many upvotes, and we welcome contributions for any feature requests marked as needing votes (just post a comment first so we can help you make a successful contribution). The enhancement backlog can be found here: https://github.com/actualbudget/actual/issues?q=label%3A%22needs+votes%22+sort%3Areactions-%2B1-desc+ Don’t forget to upvote the top comment with 👍! |
@j-f1 I haven't checked how the backend works at all (very new to Actual Budget), but considering the encryption keys are in a database already, couldn't it be possible to add a table to know which key is related to which file? Or it could also just use multiple databases, just split into subfolders according to the username (i.e. |
I'm surprised the demand for this isn't higher. With those with families. It would be brilliant to have a little raspberry pi hosting actual for the whole family to be able to use (and safely, without worrying about other family members) Shared files allowing to budget with roommates or partners. And obviously the fact that not everyone has the ability to set this up, but the chances are they have a nerdy friend who can, but having to setup 1 server (and this subdomain) per user is more work than it's worth to say the least. Is there a branch or current PR where this is being worked on, I'd love to help out. |
@jakobbouchard We already store separate encryption keys for every file that has encryption enabled (it’s optional). |
@Scot-Survivor I don’t know of anyone working on this at the moment, but feel free to pitch your idea for how this would work! |
Potentially relevant: actualbudget/actual-server#219 (we hope to merge that PR soon) |
Just pulling the discussion from Discord, as per @j-f1 , it would be possible to add a username field when logging, and only serve the associated files to that user.
Does anyone else see something I'm missing? |
Seems reasonable except for the 2FA bit — would like to see use of passkeys instead of requiring more complex security measures if possible. |
True, if I recall correctly there's a library that can handle both 2FA & Passkeys, I personally don't own a pass key so I'm left with having to use 2FA codes. |
I am currently sharing my instance of Actual with my sister. We use the same password for logging in but then have our separate budget files, E2E encrypted. The only problem I see with this setup is either user can delete the others' file without problem. If a temporary fix to input the E2E password before deleting a file is added it would solve this issue at least temporarily. |
Is there anyone working on this at the moment? |
+1 on this, i do not want to create a new docker instance for each member of my family |
+1 on this from me too |
This has the second most upvotes outside of Plaid integration. When perusing other feature requests with less votes, there are tasks done. Is it possible to get an update and some clarification on this? Thank you. |
Unfortunately, the up votes never seem to mean anything, feature requests are done on a contributor basis based on what someone fancies doing, the core team rarely looks at the top voted features and implements them.
Have a read of this https://actualbudget.org/docs/contributing/leadership/new-core-contributors-guide "We do not assign specific roles or responsibilities but instead allow people to choose what they want to work on." |
Like you, I’m not clear as to what (or whether) there is a process for looking at up votes but I guess the hard reality is the volunteer developers will only work on those things that really appeal to their particular use case. Regrettably, I’m not clear how in an open source, volunteer led, project it can really be much different. |
What is the point in the votes then? You could still have a team of volunteer developers who volunteer their time to work on Actual, tasks could be assigned to that team but that isn't how it works, however some aspects of the project are structured in a way that makes it seem like that is how it works. I volunteer at a local railway, I don't get to just turn up and do what I want, the railway has a plan and I have to do what I am told, I couldn't just draw a pretty picture of a train in a different colour walk around the yard and get 100 signature's and then paint the train like my picture. |
If we can get multiple accounts, it'd be great if we could also jointly control accounts. i.e. I'd love if my wife and I could have our own accounts, but on top of that, if our shared account were added, it could show up on both our accounts, and sync with each other. It would make budgeting shared spending way easier. |
not quite what you are asking, but, if you are running ActualBudget as a docker container, nothing is stopping you from running multiple instances (on different ports) and assigning an instance to a family member/friend/partner. Again, not a perfect solution, but it should do the trick fro the time being. Edit: |
One more item that user management should ideally add is to allow user accounts to be disabled. This way external authentication / sso at the reverse proxy level can be used. I.e. Forward auth using Traefik etc. Would it be possible to add this to the user support wishlist. |
I was looking if there's any option to give read-only access to a budget. This feature request seems to be a good fit for that, wdyt? In my particular case, my wife wants to have access and check our budget status but she isn't very comfortable with all the edit options that are possible (she is a mobile user and it annoys her that when she's looking around, she misclicks and opens edit boxes). I can also imagine that this would be a nice feature for other cases, like sharing budgets with your kids. And alternative option could be to use a kind of public key for the budget, where it's possible to read data but all write/edit options are not possible and disabled. |
🎉 initial support for multi user and OIDC was added in #3878 and will be available starting in v25.1 🎉 |
Discussed in https://github.com/actualbudget/actual/discussions/157
Originally posted by winklevos August 6, 2022
User enhancements
- User sign-in support
- Multiple users per server support
- Shared access to account support
The text was updated successfully, but these errors were encountered: