Radium Protect

Work in progress, documentation will update over time.

Radium Protect is a way to ensure only specific people will be able to enter Radium and view the HLS stream. It's a completely optional setting and in no way effects the current Radium. Protect is not required and most people will find it not necessary but it is for those who want to better secure their setup.

Why use Protect?

With the current setup the HLS stream is open to anyone. This means if someone was able to find the URL the HLS stream is being served on they could see what is being streamed. Now this isn't an issue to many people because finding that URL is quite difficult. Protect adds a layer of authentication needed to fetch any HLS files. This prevents anyone except users you create to be able to view the stream.

Should I use it?

For must users the answer is probably no. The only thing Protect does is ensure unwanted visitors can't view the HLS stream. For many people this isn't a worry because finding the HLS stream url isn't simple unless they have access to the Radium website. A long, random stream key is plenty fine for most users.

Why make it if only few people will use it?

Radium is a hobby for me and I enjoy improving and creating new features for it.

Upsides:

User authentication to enter Radium (username/password)
Authentication needed to fetch HLS stream files (token is injected as a http header)
Better secures your setup

Downsides:

More setup (requires additional environment variables and possibly another container)
Only streams served by Protect can be viewed while in Protect mode (http headers are sent on each request which other sources will reject)