Skip to content

Multi-user & authentication

By default OpenFishing runs single-tenant and fully open — no login. Set the ADMIN_PASSWORD environment variable to turn on multi-user mode.

Set ADMIN_PASSWORD (see Environment variables):

environment:
- ADMIN_PASSWORD=change_me

Once set, a login screen appears. Users sign in with their email/username + password.

  • The admin account always exists when auth is enabled.
  • Its username is always admin; its password is whatever ADMIN_PASSWORD is set to.
  • It is re-synced from the environment variable on every boot, so changing the variable and restarting updates the password.

Admins get a panel at /settings/admin to manage the instance:

  • Users — create, enable/disable and manage accounts.
  • Storage quotas — cap how much each user can upload.
  • Chatbot toggle — enable/disable AI features per user.
  • API tokens — manage REST API Bearer tokens.

Each user’s lures, spots, catches and tackle are isolated — users only see their own data.

If you configure SMTP (at least SMTP_HOST and SMTP_FROM), users can reset forgotten passwords by email. Without SMTP configured, the reset option is hidden. See the SMTP variables.

Admins can set storage quotas per user from the admin panel, so no single user can fill the disk with uploads.