From 02ebaa9cabf367df775f3dff748dd836a0529aca Mon Sep 17 00:00:00 2001
From: Henry <hzj94@hotmail.com>
Date: Sat, 13 May 2023 23:33:44 +0100
Subject: [PATCH] add readme

---
 README.md                    | 9 +++++++++
 packages/server/.env.example | 2 ++
 packages/server/README.md    | 9 +++++++++
 packages/server/src/index.ts | 2 +-
 4 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 0727c935c..545b36ba8 100644
--- a/README.md
+++ b/README.md
@@ -86,6 +86,15 @@ Flowise has 3 different modules in a single mono repository.
 
     Any code changes will reload the app automatically on [http://localhost:8080](http://localhost:8080)
 
+## 🔒 Authentication
+
+To enable app level authentication, add `USERNAME` and `PASSWORD` to the `.env` file in `packages/server`:
+
+```
+USERNAME=user
+PASSWORD=1234
+```
+
 ## 📖 Documentation
 
 Coming soon
diff --git a/packages/server/.env.example b/packages/server/.env.example
index 2fc80e3a4..18f8efd2e 100644
--- a/packages/server/.env.example
+++ b/packages/server/.env.example
@@ -1 +1,3 @@
 PORT=3000
+# USERNAME=user
+# PASSWORD=1234
\ No newline at end of file
diff --git a/packages/server/README.md b/packages/server/README.md
index a7696c6fb..1915863b9 100644
--- a/packages/server/README.md
+++ b/packages/server/README.md
@@ -20,6 +20,15 @@ Drag & drop UI to build your customized LLM flow using [LangchainJS](https://git
 
 3. Open [http://localhost:3000](http://localhost:3000)
 
+## 🔒 Authentication
+
+To enable app level authentication, add `USERNAME` and `PASSWORD` to the `.env` file:
+
+```
+USERNAME=user
+PASSWORD=1234
+```
+
 ## 📖 Documentation
 
 Coming Soon
diff --git a/packages/server/src/index.ts b/packages/server/src/index.ts
index 0e981a337..57601a16e 100644
--- a/packages/server/src/index.ts
+++ b/packages/server/src/index.ts
@@ -76,7 +76,7 @@ export class App {
             const basicAuthMiddleware = basicAuth({
                 users: { [username]: password }
             })
-            const whitelistURLs = ['node-icon', 'static', 'favicon']
+            const whitelistURLs = ['static', 'favicon', '/api/v1/prediction/', '/api/v1/node-icon/']
             this.app.use((req, res, next) =>
                 whitelistURLs.some((url) => req.url.includes(url)) || req.url === '/' ? next() : basicAuthMiddleware(req, res, next)
             )