[GH-ISSUE #1361] Allow login to web app with token #960

New issue

Open

opened 2026-05-07 00:29:07 +02:00 by BreizhHardware · 7 comments

BreizhHardware commented 2026-05-07 00:29:07 +02:00

Owner

Copy link

Originally created by @helmut72 on GitHub (Jun 1, 2025).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1361

💡 Idea
While using other web apps, where I have installed them to my homescreen, I never need to login again even when not using them for weeks. But ntfy force me to login after 3-4 days.

Would be cool to be able to modify expire time of tokens of this sessions or being able to login with token instead of password to the web app.

Thank you.

Originally created by @helmut72 on GitHub (Jun 1, 2025). Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/1361 :bulb: **Idea** While using other web apps, where I have installed them to my homescreen, I never need to login again even when not using them for weeks. But ntfy force me to login after 3-4 days. Would be cool to be able to modify expire time of tokens of this sessions or being able to login with token instead of password to the web app. Thank you.

BreizhHardware added the

enhancement

label 2026-05-07 00:29:07 +02:00

BreizhHardware commented 2026-05-07 00:29:08 +02:00

Author

Owner

Copy link

@audstanley commented on GitHub (Jun 7, 2025):

I'm not on the dev team - but i don't follow. I've installed ntfy as a Progressive Web App (PWA) using firefox and a firefox extension. I'm pretty sure my login is stored in the web application, and no token is needed - are you clearing your browser cache?

<!-- gh-comment-id:2951430175 --> @audstanley commented on GitHub (Jun 7, 2025): I'm not on the dev team - but i don't follow. I've installed ntfy as a Progressive Web App (PWA) using firefox and a firefox extension. I'm pretty sure my login is stored in the web application, and no token is needed - are you clearing your browser cache?

BreizhHardware commented 2026-05-07 00:29:08 +02:00

Author

Owner

Copy link

@anoniuuiti commented on GitHub (Sep 7, 2025):

@helmut72 I get an idea but not entirely sure whether it works 100% correct.
Login PWA using user name and pw ==> observe token for current PWA session ==> manually create token via config file w/ same token observed ==> restart ntfy instance ==> that token created would come w/ "Never Expire" session.

<!-- gh-comment-id:3263524610 --> @anoniuuiti commented on GitHub (Sep 7, 2025): @helmut72 I get an idea but not entirely sure whether it works 100% correct. Login PWA using user name and pw ==> observe token for current PWA session ==> manually create token via config file w/ same token observed ==> restart ntfy instance ==> that token created would come w/ "Never Expire" session.

BreizhHardware commented 2026-05-07 00:29:08 +02:00

Author

Owner

Copy link

@helmut72 commented on GitHub (Sep 8, 2025):

I'm not on the dev team - but i don't follow. I've installed ntfy as a Progressive Web App (PWA) using firefox and a firefox extension. I'm pretty sure my login is stored in the web application, and no token is needed - are you clearing your browser cache?

I'm not clearing any browser cache. Do you have tried it on a mobile phone, Safari on iPhone, Samsung Internet on a Samsung Android phone or any other mobile device with a browser, that supports webpush? After a few days, session is invalid, never get any push messages and need to login again.

Using a desktop browser is more or less useless, because I want to be especially notified when not in front of a PC. Also I don't want to be flooded with messages and it's possible, that I don't get ones for several days.

<!-- gh-comment-id:3265073945 --> @helmut72 commented on GitHub (Sep 8, 2025): > I'm not on the dev team - but i don't follow. I've installed ntfy as a Progressive Web App (PWA) using firefox and a firefox extension. I'm pretty sure my login is stored in the web application, and no token is needed - are you clearing your browser cache? I'm not clearing any browser cache. Do you have tried it on a mobile phone, Safari on iPhone, Samsung Internet on a Samsung Android phone or any other mobile device with a browser, that supports webpush? After a few days, session is invalid, never get any push messages and need to login again. Using a desktop browser is more or less useless, because I want to be especially notified when not in front of a PC. Also I don't want to be flooded with messages and it's possible, that I don't get ones for several days.

BreizhHardware commented 2026-05-07 00:29:08 +02:00

Author

Owner

Copy link

@helmut72 commented on GitHub (Sep 8, 2025):

@helmut72 I get an idea but not entirely sure whether it works 100% correct. Login PWA using user name and pw ==> observe token for current PWA session ==> manually create token via config file w/ same token observed ==> restart ntfy instance ==> that token created would come w/ "Never Expire" session.

There will be random tokens generated. Only description can be edited.

<!-- gh-comment-id:3265097750 --> @helmut72 commented on GitHub (Sep 8, 2025): > [@helmut72](https://github.com/helmut72) I get an idea but not entirely sure whether it works 100% correct. Login PWA using user name and pw ==> observe token for current PWA session ==> manually create token via config file w/ same token observed ==> restart ntfy instance ==> that token created would come w/ "Never Expire" session. There will be random tokens generated. Only description can be edited.

BreizhHardware commented 2026-05-07 00:29:09 +02:00

Author

Owner

Copy link

@anoniuuiti commented on GitHub (Sep 8, 2025):

@helmut72 I get an idea but not entirely sure whether it works 100% correct. Login PWA using user name and pw ==> observe token for current PWA session ==> manually create token via config file w/ same token observed ==> restart ntfy instance ==> that token created would come w/ "Never Expire" session.

There will be random tokens generated. Only description can be edited.

https://docs.ntfy.sh/config/#tokens-via-the-config
I guess you can take a look at this. The token part should be capable of being manually edited.

<!-- gh-comment-id:3265325100 --> @anoniuuiti commented on GitHub (Sep 8, 2025): > > [@helmut72](https://github.com/helmut72) I get an idea but not entirely sure whether it works 100% correct. Login PWA using user name and pw ==> observe token for current PWA session ==> manually create token via config file w/ same token observed ==> restart ntfy instance ==> that token created would come w/ "Never Expire" session. > > There will be random tokens generated. Only description can be edited. https://docs.ntfy.sh/config/#tokens-via-the-config I guess you can take a look at this. The token part should be capable of being manually edited.

BreizhHardware commented 2026-05-07 00:29:09 +02:00

Author

Owner

Copy link

@helmut72 commented on GitHub (Sep 9, 2025):

@anoniuuiti Now I know what you mean. I've added this, now it reads never expire and will test it after few days. Thanks. But even if this works, it's a crazy workaround ;)

<!-- gh-comment-id:3269486812 --> @helmut72 commented on GitHub (Sep 9, 2025): @anoniuuiti Now I know what you mean. I've added this, now it reads never expire and will test it after few days. Thanks. But even if this works, it's a crazy workaround ;)

BreizhHardware commented 2026-05-07 00:29:09 +02:00

Author

Owner

Copy link

@helmut72 commented on GitHub (Sep 25, 2025):

@anoniuuiti Tried it today and it even works after this many days!! Received the push message and no need to login on Android and iOS :)

It would be cool not to use this crazy workaround and just set to "never expires" from the webui or have "never expires" as a default setting for every token.

<!-- gh-comment-id:3332382061 --> @helmut72 commented on GitHub (Sep 25, 2025): @anoniuuiti Tried it today and it even works after this many days!! Received the push message and no need to login on Android and iOS :) It would be cool not to use this crazy workaround and just set to "never expires" from the webui or have "never expires" as a default setting for every token.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dependabot/npm_and_yarn/web/fast-uri-3.1.2

email-verification

attachment-no-http2

attachment-fixes

attachment-s3

config-generator

postgres-replica

dockers-v2

postgres-support

postgres-webpush+user+message

postgres-webpush+user

postgres-webpush

1364-copy-action

crashfix

user-header

scalar-api-docs

cancel-scheduled

update-available

windows-server

303-update-notifications

postgres

admin-ui

require-login

http-clipboard

message-cache-lock

debian-stripe

predefined-users

busy-timeout

template-dir

ipv6

client-ip-header

apns-fix

feat_optional_require_login

security-updates

pg-message-cache

templating-disallow

templating-3

templating-2

message-size-limit+delay-limit

remove-rate-topics

html-emails

cf-priority

acl-underscores

auth-user-header

markdown

img-attach

web-improvements

utf8-headers

matrix-507-reject

http-response-writer

new-homepage-design

e2e

canary

windows

electron

update-messages

webhook-templating

v2.22.0

v2.21.0

v2.20.1

v2.20.0

v2.19.2

v2.19.1

v2.19.0

v2.18.0

v2.17.0

v2.16.0

v2.15.0

v2.14.0

v2.13.0

v2.12.0

v2.11.0

v2.10.0

v2.9.0

v2.8.0

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.0

v2.1.2

v2.1.1

v2.1.0

v2.0.1

v2.0.0

v1.31.0

v1.30.1

v1.29.1

v1.29.0

v1.28.0

v1.27.2

v1.27.1

v1.26.0

v1.25.2

v1.25.1

v1.25.0

v1.24.0

v1.23.0

v1.22.0

v1.21.2

v1.21.1

v1.21.0

v1.20.0

v1.19.0

v1.18.1

v1.18.0

v1.17.1

v1.17.0

v1.16.0

v1.15.0

v1.14.1

v1.14.0

v1.13.0

v1.12.1

v1.12.0

v1.11.1

v1.11.2

v1.11.0

v1.10.0

v1.9.0

v1.8.0

v1.7.0

v1.6.1

v1.6.0

v1.5.3

v1.5.2

v1.5.1

v1.5.0

v1.4.8

v1.4.7

v1.4.6

v1.4.5

v1.4.4

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.3.2

v1.3.3

v1.3.1

v1.3.0

v1.2.5

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.0

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels   

ai-generated

  

android-app

  

android-app

  

android-app

  

🪲 bug

  

build

  

build

  

dependencies

  

docs

  

enhancement

  

enhancement

  

🔥 HOT

  

in-progress 🏃

  

ios

  

prio:low

  

prio:low

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

🔒 security

  

server

  

server

  

unified-push

  

web-app

  

website

No labels

ai-generated

android-app

android-app

android-app

🪲 bug

build

build

dependencies

docs

enhancement

enhancement

🔥 HOT

in-progress 🏃

ios

prio:low

prio:low

pull-request

question

🔒 security

server

server

unified-push

web-app

website

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/ntfy#960

No description provided.