nano includes an optional authentication layer that gates the entire app behind a login page. When enabled, unauthenticated visitors are redirected toDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/mohameodo/nano/llms.txt
Use this file to discover all available pages before exploring further.
/login before they can search or watch anything. Authentication is a simple username/password system — suitable for protecting personal or family instances — backed by either a PostgreSQL database or a local JSON file.
Authentication in nano is a standalone local system, not OAuth, SSO, or any federated identity provider. It is designed to protect a personal or small-group self-hosted instance, not for multi-tenant or publicly registered deployments.
Enabling authentication
Set theENABLE_AUTH variable to activate the login gate:
user cookie. If the cookie is absent, the request is redirected to /login. After a successful login or sign-up, the cookie is set with path=/ and the user is redirected to the home page.
Database setup
nano stores user accounts in the configured database. Two database types are supported:- PostgreSQL (recommended for production)
- JSON file (default)
DATABASE_URL connection string to connect to PostgreSQL. nano creates the table automatically on startup, but for reference the schema is:How authentication works
nano implements password hashing using Node.js’s built-incrypto module — no external auth library is required.
Password hashing — when a user signs up, a random 16-byte salt is generated and a derived key is produced using PBKDF2:
POST /api/auth sets a user cookie containing the username. There is no JWT or session store — the presence of the cookie is the session token.
API endpoints
The auth API is handled by a single endpoint:One of
"login", "signup", or "logout".The account username.
The account password. Sent over HTTPS; hashed server-side before storage or comparison.
{ "success": true } with HTTP 200. Errors return { "error": "<message>" } with HTTP 400 or 500.
User management
There is no built-in admin panel for managing user accounts. Users can create accounts directly through the login page at/login using the “create account” toggle. To pre-create accounts or delete them, insert or remove rows directly in the database.
The login page automatically adapts its labels and button text to the active locale — all strings (login, signUp, createAccount, backToLogin, etc.) are pulled from the TRANSLATIONS object and rendered server-side in the user’s language.