Skip to content

Authentication and Users

The Fast Video Cataloger Server supports multi-user authentication with role-based permissions. This allows you to control who can access your video catalog and what actions they can perform.

User Roles

The server supports three user roles with different permission levels:

Viewer -- Read-only access to the catalog. Can browse videos, actors, and tags but cannot make changes.

Editor -- Can add, edit, and delete content. This includes adding videos, creating actors, managing keywords, and editing video metadata.

Admin -- Full access including user management. Can create and delete user accounts, change roles, and configure authentication settings.

Enabling Authentication

Authentication can be enabled or disabled from the Server Setup application or by editing serverconfig.xml directly.

When authentication is disabled, all users have full access without logging in. This is useful for trusted local networks.

When authentication is enabled, users must log in with a username and password to access the catalog.

Creating User Accounts

User accounts are managed by Admin users. To create a new user:

  1. Log in to the server with an Admin account
  2. Open the user management interface
  3. Click "Add User"
  4. Enter the username (email address recommended)
  5. Set a temporary password
  6. Select the appropriate role (Viewer, Editor, or Admin)
  7. Click "Create"

The new user can then log in and change their password.

Changing Passwords

Users can change their own password after logging in:

  1. Log in with your current password
  2. Access account settings
  3. Enter your current password
  4. Enter and confirm your new password
  5. Click "Change Password"

Admins can also reset passwords for other users through the user management interface.

Session Tokens

When a user logs in, the server issues a session token. This token:

  • Is required for all authenticated API requests
  • Has an expiration time (configurable)
  • Can be invalidated by logging out
  • Should be kept secure and not shared

For REST API usage, include the token in the Authorization header:

Authorization: Bearer {your-session-token}

Authentication for File Access

When enabled: - Requests to /files/* endpoints require a valid session token - Token can be passed via Authorization header or query string (?token=...)

When disabled: - Files are accessible without authentication - Only recommended for trusted networks

WCF Service Authentication

The Fast Video Cataloger desktop client uses WCF services to communicate with the server. These services also respect authentication settings:

  • User Auth Service: /UserAuth/BasicHttpBinding_IUserAuthService
  • User Management Service: /UserManagement/BasicHttpBinding_IUserManagementService

Best Practices

  • Use strong passwords for all accounts
  • Create separate accounts for each user (don't share credentials)
  • Use the Viewer role for users who only need to browse
  • Limit the number of Admin accounts
  • Enable authentication when the server is accessible from untrusted networks
  • Regularly review user accounts and remove inactive users