Disable "Dashboard" if not logged in


#1

I’ve asked about this on Reddit and additionally to a temporary solution I also got the suggestion to post a feature request.

I’d like to ability to toggle in the settings to disable the “Dashboard” features of Pi-Hole if not logged in. By that I mean the “Queries over last 24 hours”, and all the other stats and to remove “Dashboard” from the main navigation and make “Login” the default page.


#2

I’ve been toying with this a bit. I’m very much not a PHP developer and I’m unfamiliar with the codebase, but I have implemented a very barebones version.

Add checks in AdminLTE scripts/pi-hole/header.php for my new setup variable:

if(!$auth && (!isset($indexpage) || isset($_GET['login']) || $setupVars["STATS_HIDDEN_WITHOUT_AUTH"]))
{
    $scriptname = "login";
}

.
.
.

// If auth is required and not set, i.e. no successfully logged in,
// we show the reduced version of the summary (index) page
if(!$auth && (!isset($indexpage) || isset($_GET['login']) || $setupVars["STATS_HIDDEN_WITHOUT_AUTH"])){
    require "scripts/pi-hole/php/loginpage.php";

I’m not sure if there’s a nicer way to implement this. Parsing the setupVars.conf file seems a bit overkill for what I’m doing, but it works. Again, I know nothing about PHP.

Two small additions in AdminLTE settings.php to add a button:

if (isset($setupVars["STATS_HIDDEN_WITHOUT_AUTH"])) {
    $statshidden = $setupVars["STATS_HIDDEN_WITHOUT_AUTH"];
} else {
    $statshidden = false;
}

.
.
.

<div class="form-group">
    <div class="checkbox">
        <label><input type="checkbox" name="statshidden" title="hide-stats"
                    <?php if ($statshidden){ ?>checked<?php }
                    ?>>Hide all statistics until user logs in</label>
    </div>
</div>

Run a script to save the user’s settings in AdminLTE scripts/pi-hole/php/savesettings.php:

if(isset($_POST["statshidden"]))
				{
					exec('sudo pihole -a statshidden true');
				}
				else
				{
					exec('sudo pihole -a statshidden false');
				}
				break;

The change to setupVars.conf in Pi-hole advanced/Scripts/webpage.sh:

SetStatsHidden() {
	if [[ "${args[2]}" == "true" ]]; then
		change_setting "STATS_HIDDEN_WITHOUT_AUTH" "true"
	elif [[ "${args[2]}" == "false" ]]; then
		change_setting "STATS_HIDDEN_WITHOUT_AUTH" "false"
	fi
}

The new checkbox in the privacy settings:

When the checkbox is ticked and the user is logged out, the dashboard redirects to the login page. I feel fairly good about these changes except perhaps the fact that I need to parse setupVars.conf in the header script. If anyone could suggest a better solution, that would be nice.


#3

Any official solution in sight? Would rather not fiddle with the files since an update could just override the file at any time.
I would like to be able to access pihole from anywhere I want to disabling external access is not an option for me. And changing ports, subdomain etc (ie security through obscurity) is not secure.


#4

Have you considered setting up a VPN to tunnel into your Pi-Hole when you are off your network?


#5

I have but I’m connected to a paid one pretty much all the time. I have the webinterface open to the outside for convenience and having to switch VPNs only for that kinda defeats this purpose.
Thanks for the suggestion though.
I’ll see if I’m going to tinker around and fix this myself.
I could just throw an HTTP user and password prompt infront of the interface.


#6

This would be simple to implement in the new web interface, but more risky to implement in the PHP web interface. You might need to wait until the new web interface for this feature.


#7

@Mcat12 Alright that sounds promising
Thanks :grin: