diff --git a/.github/workflows/markdown.yml b/.github/workflows/markdown.yml
new file mode 100644
index 0000000..ad67936
--- /dev/null
+++ b/.github/workflows/markdown.yml
@@ -0,0 +1,12 @@
+name: none-shall-pass
+
+on:
+  workflow_dispatch:
+  push:
+
+jobs:
+  none-shall-pass:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: thevickypedia/none-shall-pass@v3
diff --git a/README.md b/README.md
index 76d730b..7fe8421 100644
--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@
 [![Pypi-format](https://img.shields.io/pypi/format/stream-localhost)](https://pypi.org/project/stream-localhost/#files)
 [![Pypi-status](https://img.shields.io/pypi/status/stream-localhost)][pypi]
 
-# Video Streaming
+# PyStream
 Python module to, stream videos via authenticated sessions using FastAPI
 
 ## Install
@@ -23,9 +23,8 @@ import pystream
 
 if __name__ == '__main__':
     kwargs = dict(
-        username="foo",
-        password="bar",
-        video_source=os.path.join(os.path.expanduser('~'), 'Downloads'),
+        authorization=[{"Alan Turing": "Pr0gRamM1ng"}, {"Linus Torvalds": "LinuxOS"}],
+        video_source=os.path.join(os.path.expanduser('~'), 'Downloads')
     )
     # Add the following to host on local IP address, skip for localhost (127.0.0.1)
     # kwargs["video_host"] = pystream.utils.get_local_ip()
@@ -37,8 +36,7 @@ if __name__ == '__main__':
 > To use custom filenames, set the env var `env_file` as `key` and the _filename_ as its `value`
 
 **Mandatory**
-- **USERNAME**: Any username of choice.
-- **PASSWORD**: Any password of choice.
+- **AUTHORIZATION**: List of dictionaries with `username` as key and `password` as value.
 - **VIDEO_SOURCE**: Source path for video files.
 > :bulb:   Files starting with `_` _(underscore)_ and `.` _(dot)_ will be ignored
 
diff --git a/authentication.md b/authentication.md
new file mode 100644
index 0000000..da6039b
--- /dev/null
+++ b/authentication.md
@@ -0,0 +1,32 @@
+## Authentication
+`PyStream` uses two ways of authentication, the `username` and `password` to gain access to the server and
+a `session_token` generated by the server to access directories and streaming content.
+
+### Username and Password
+
+#### Frontend
+- UI creates hex values for username and password using native JS
+- These hex values are then used the calculate the hash
+- Calculated hash is then base64 encoded using native JS, before sending the signature to the API in an authorization header
+
+#### Backend
+- API decodes the base64 encoded ascii string, then decodes the HEX received in authorization header
+- Then the value is broken down to, username, signature and timestamp
+- The decoded username is used to get the stored password from env variables, which are then hex encoded
+- API creates a hash signature using the hex username, hex password, and the timestamp
+- These signatures are then compared for authentication purpose
+
+### Session Token
+
+- Once the login has been successful, the API creates a randomly generated 64 bit url safe token
+- This token is stored as unique key for each user
+- The API then forms a payload with the username, key, and the timestamp
+- This payload is then encrypted using Cryptography's Fernet, which can be retrieved only using the key
+- This encrypted payload is stored as a cookie before sending a `JSONResponse` with a `redirect_url`
+> Since the UI uses `AJAX` for authentication POST call, a `RedirectResponse` from FastAPI will not work,
+> as the call will simply follow the redirect to `GET` the content instead of redirecting the page.
+- The `redirect_url` from the JSON response is fetched, to alter `location.href`
+> This form of redirect will transfer cookies to the new page but not the headers,
+> so the username and password are lost in the frontend at this point
+- From then on, all calls to the backend including redirects, directory navigation and, streaming will carry the cookie
+- The `session_token` is the only form of authentication from this point onward
diff --git a/doc_gen/index.rst b/doc_gen/index.rst
index bd40dfe..7394aef 100644
--- a/doc_gen/index.rst
+++ b/doc_gen/index.rst
@@ -11,6 +11,7 @@ Stream-Localhost - A secured interface to stream videos
    :caption: Read Me:
 
    README
+   authentication
 
 Main Module
 ===========
diff --git a/docs/README.html b/docs/README.html
index 166228f..f55bc11 100644
--- a/docs/README.html
+++ b/docs/README.html
@@ -6,7 +6,7 @@
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" />
 
-    <title>Video Streaming &#8212; Stream  documentation</title>
+    <title>PyStream &#8212; Stream  documentation</title>
     <link rel="stylesheet" type="text/css" href="_static/pygments.css" />
     <link rel="stylesheet" type="text/css" href="_static/classic.css" />
     
@@ -18,6 +18,7 @@
     
     <link rel="index" title="Index" href="genindex.html" />
     <link rel="search" title="Search" href="search.html" />
+    <link rel="next" title="Authentication" href="authentication.html" />
     <link rel="prev" title="Stream-Localhost - A secured interface to stream videos" href="index.html" /> 
   </head><body>
     <div class="related" role="navigation" aria-label="related navigation">
@@ -29,11 +30,14 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
+        <li class="right" >
+          <a href="authentication.html" title="Authentication"
+             accesskey="N">next</a> |</li>
         <li class="right" >
           <a href="index.html" title="Stream-Localhost - A secured interface to stream videos"
              accesskey="P">previous</a> |</li>
         <li class="nav-item nav-item-0"><a href="index.html">Stream  documentation</a> &#187;</li>
-        <li class="nav-item nav-item-this"><a href="">Video Streaming</a></li> 
+        <li class="nav-item nav-item-this"><a href="">PyStream</a></li> 
       </ul>
     </div>  
 
@@ -48,8 +52,8 @@ <h3>Navigation</h3>
 <p><a class="reference external" href="https://pypi.org/project/stream-localhost"><img alt="PyPI version shields.io" src="https://img.shields.io/pypi/v/stream-localhost" /></a>
 <a class="reference external" href="https://pypi.org/project/stream-localhost/#files"><img alt="Pypi-format" src="https://img.shields.io/pypi/format/stream-localhost" /></a>
 <a class="reference external" href="https://pypi.org/project/stream-localhost"><img alt="Pypi-status" src="https://img.shields.io/pypi/status/stream-localhost" /></a></p>
-<section id="video-streaming">
-<h1>Video Streaming<a class="headerlink" href="#video-streaming" title="Permalink to this heading">¶</a></h1>
+<section id="pystream">
+<h1>PyStream<a class="headerlink" href="#pystream" title="Permalink to this heading">¶</a></h1>
 <p>Python module to, stream videos via authenticated sessions using FastAPI</p>
 <section id="install">
 <h2>Install<a class="headerlink" href="#install" title="Permalink to this heading">¶</a></h2>
@@ -65,9 +69,8 @@ <h2>Sample Usage<a class="headerlink" href="#sample-usage" title="Permalink to t
 
 <span class="k">if</span> <span class="vm">__name__</span> <span class="o">==</span> <span class="s1">&#39;__main__&#39;</span><span class="p">:</span>
     <span class="n">kwargs</span> <span class="o">=</span> <span class="nb">dict</span><span class="p">(</span>
-        <span class="n">username</span><span class="o">=</span><span class="s2">&quot;foo&quot;</span><span class="p">,</span>
-        <span class="n">password</span><span class="o">=</span><span class="s2">&quot;bar&quot;</span><span class="p">,</span>
-        <span class="n">video_source</span><span class="o">=</span><span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">expanduser</span><span class="p">(</span><span class="s1">&#39;~&#39;</span><span class="p">),</span> <span class="s1">&#39;Downloads&#39;</span><span class="p">),</span>
+        <span class="n">authorization</span><span class="o">=</span><span class="p">[{</span><span class="s2">&quot;Alan Turing&quot;</span><span class="p">:</span> <span class="s2">&quot;Pr0gRamM1ng&quot;</span><span class="p">},</span> <span class="p">{</span><span class="s2">&quot;Linus Torvalds&quot;</span><span class="p">:</span> <span class="s2">&quot;LinuxOS&quot;</span><span class="p">}],</span>
+        <span class="n">video_source</span><span class="o">=</span><span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">os</span><span class="o">.</span><span class="n">path</span><span class="o">.</span><span class="n">expanduser</span><span class="p">(</span><span class="s1">&#39;~&#39;</span><span class="p">),</span> <span class="s1">&#39;Downloads&#39;</span><span class="p">)</span>
     <span class="p">)</span>
     <span class="c1"># Add the following to host on local IP address, skip for localhost (127.0.0.1)</span>
     <span class="c1"># kwargs[&quot;video_host&quot;] = pystream.utils.get_local_ip()</span>
@@ -82,8 +85,7 @@ <h3>Env Variables<a class="headerlink" href="#env-variables" title="Permalink to
 </div></blockquote>
 <p><strong>Mandatory</strong></p>
 <ul class="simple">
-<li><p><strong>USERNAME</strong>: Any username of choice.</p></li>
-<li><p><strong>PASSWORD</strong>: Any password of choice.</p></li>
+<li><p><strong>AUTHORIZATION</strong>: List of dictionaries with <code class="docutils literal notranslate"><span class="pre">username</span></code> as key and <code class="docutils literal notranslate"><span class="pre">password</span></code> as value.</p></li>
 <li><p><strong>VIDEO_SOURCE</strong>: Source path for video files.</p></li>
 </ul>
 <blockquote>
@@ -156,7 +158,7 @@ <h2>License &amp; copyright<a class="headerlink" href="#license-copyright" title
   <div>
     <h3><a href="index.html">Table of Contents</a></h3>
     <ul>
-<li><a class="reference internal" href="#">Video Streaming</a><ul>
+<li><a class="reference internal" href="#">PyStream</a><ul>
 <li><a class="reference internal" href="#install">Install</a></li>
 <li><a class="reference internal" href="#sample-usage">Sample Usage</a><ul>
 <li><a class="reference internal" href="#env-variables">Env Variables</a></li>
@@ -178,6 +180,11 @@ <h4>Previous topic</h4>
     <p class="topless"><a href="index.html"
                           title="previous chapter">Stream-Localhost - A secured interface to stream videos</a></p>
   </div>
+  <div>
+    <h4>Next topic</h4>
+    <p class="topless"><a href="authentication.html"
+                          title="next chapter">Authentication</a></p>
+  </div>
   <div role="note" aria-label="source link">
     <h3>This Page</h3>
     <ul class="this-page-menu">
@@ -208,11 +215,14 @@ <h3>Navigation</h3>
         <li class="right" >
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
+        <li class="right" >
+          <a href="authentication.html" title="Authentication"
+             >next</a> |</li>
         <li class="right" >
           <a href="index.html" title="Stream-Localhost - A secured interface to stream videos"
              >previous</a> |</li>
         <li class="nav-item nav-item-0"><a href="index.html">Stream  documentation</a> &#187;</li>
-        <li class="nav-item nav-item-this"><a href="">Video Streaming</a></li> 
+        <li class="nav-item nav-item-this"><a href="">PyStream</a></li> 
       </ul>
     </div>
     <div class="footer" role="contentinfo">
diff --git a/docs/README.md b/docs/README.md
index 76d730b..7fe8421 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -7,7 +7,7 @@
 [![Pypi-format](https://img.shields.io/pypi/format/stream-localhost)](https://pypi.org/project/stream-localhost/#files)
 [![Pypi-status](https://img.shields.io/pypi/status/stream-localhost)][pypi]
 
-# Video Streaming
+# PyStream
 Python module to, stream videos via authenticated sessions using FastAPI
 
 ## Install
@@ -23,9 +23,8 @@ import pystream
 
 if __name__ == '__main__':
     kwargs = dict(
-        username="foo",
-        password="bar",
-        video_source=os.path.join(os.path.expanduser('~'), 'Downloads'),
+        authorization=[{"Alan Turing": "Pr0gRamM1ng"}, {"Linus Torvalds": "LinuxOS"}],
+        video_source=os.path.join(os.path.expanduser('~'), 'Downloads')
     )
     # Add the following to host on local IP address, skip for localhost (127.0.0.1)
     # kwargs["video_host"] = pystream.utils.get_local_ip()
@@ -37,8 +36,7 @@ if __name__ == '__main__':
 > To use custom filenames, set the env var `env_file` as `key` and the _filename_ as its `value`
 
 **Mandatory**
-- **USERNAME**: Any username of choice.
-- **PASSWORD**: Any password of choice.
+- **AUTHORIZATION**: List of dictionaries with `username` as key and `password` as value.
 - **VIDEO_SOURCE**: Source path for video files.
 > :bulb: &nbsp; Files starting with `_` _(underscore)_ and `.` _(dot)_ will be ignored
 
diff --git a/docs/_sources/README.md.txt b/docs/_sources/README.md.txt
index 76d730b..7fe8421 100644
--- a/docs/_sources/README.md.txt
+++ b/docs/_sources/README.md.txt
@@ -7,7 +7,7 @@
 [![Pypi-format](https://img.shields.io/pypi/format/stream-localhost)](https://pypi.org/project/stream-localhost/#files)
 [![Pypi-status](https://img.shields.io/pypi/status/stream-localhost)][pypi]
 
-# Video Streaming
+# PyStream
 Python module to, stream videos via authenticated sessions using FastAPI
 
 ## Install
@@ -23,9 +23,8 @@ import pystream
 
 if __name__ == '__main__':
     kwargs = dict(
-        username="foo",
-        password="bar",
-        video_source=os.path.join(os.path.expanduser('~'), 'Downloads'),
+        authorization=[{"Alan Turing": "Pr0gRamM1ng"}, {"Linus Torvalds": "LinuxOS"}],
+        video_source=os.path.join(os.path.expanduser('~'), 'Downloads')
     )
     # Add the following to host on local IP address, skip for localhost (127.0.0.1)
     # kwargs["video_host"] = pystream.utils.get_local_ip()
@@ -37,8 +36,7 @@ if __name__ == '__main__':
 > To use custom filenames, set the env var `env_file` as `key` and the _filename_ as its `value`
 
 **Mandatory**
-- **USERNAME**: Any username of choice.
-- **PASSWORD**: Any password of choice.
+- **AUTHORIZATION**: List of dictionaries with `username` as key and `password` as value.
 - **VIDEO_SOURCE**: Source path for video files.
 > :bulb: &nbsp; Files starting with `_` _(underscore)_ and `.` _(dot)_ will be ignored
 
diff --git a/docs/_sources/authentication.md.txt b/docs/_sources/authentication.md.txt
new file mode 100644
index 0000000..da6039b
--- /dev/null
+++ b/docs/_sources/authentication.md.txt
@@ -0,0 +1,32 @@
+## Authentication
+`PyStream` uses two ways of authentication, the `username` and `password` to gain access to the server and
+a `session_token` generated by the server to access directories and streaming content.
+
+### Username and Password
+
+#### Frontend
+- UI creates hex values for username and password using native JS
+- These hex values are then used the calculate the hash
+- Calculated hash is then base64 encoded using native JS, before sending the signature to the API in an authorization header
+
+#### Backend
+- API decodes the base64 encoded ascii string, then decodes the HEX received in authorization header
+- Then the value is broken down to, username, signature and timestamp
+- The decoded username is used to get the stored password from env variables, which are then hex encoded
+- API creates a hash signature using the hex username, hex password, and the timestamp
+- These signatures are then compared for authentication purpose
+
+### Session Token
+
+- Once the login has been successful, the API creates a randomly generated 64 bit url safe token
+- This token is stored as unique key for each user
+- The API then forms a payload with the username, key, and the timestamp
+- This payload is then encrypted using Cryptography's Fernet, which can be retrieved only using the key
+- This encrypted payload is stored as a cookie before sending a `JSONResponse` with a `redirect_url`
+> Since the UI uses `AJAX` for authentication POST call, a `RedirectResponse` from FastAPI will not work,
+> as the call will simply follow the redirect to `GET` the content instead of redirecting the page.
+- The `redirect_url` from the JSON response is fetched, to alter `location.href`
+> This form of redirect will transfer cookies to the new page but not the headers,
+> so the username and password are lost in the frontend at this point
+- From then on, all calls to the backend including redirects, directory navigation and, streaming will carry the cookie
+- The `session_token` is the only form of authentication from this point onward
diff --git a/docs/_sources/index.rst.txt b/docs/_sources/index.rst.txt
index bd40dfe..7394aef 100644
--- a/docs/_sources/index.rst.txt
+++ b/docs/_sources/index.rst.txt
@@ -11,6 +11,7 @@ Stream-Localhost - A secured interface to stream videos
    :caption: Read Me:
 
    README
+   authentication
 
 Main Module
 ===========
diff --git a/docs/authentication.html b/docs/authentication.html
new file mode 100644
index 0000000..24bbd51
--- /dev/null
+++ b/docs/authentication.html
@@ -0,0 +1,166 @@
+
+<!DOCTYPE html>
+
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" />
+
+    <title>Authentication &#8212; Stream  documentation</title>
+    <link rel="stylesheet" type="text/css" href="_static/pygments.css" />
+    <link rel="stylesheet" type="text/css" href="_static/classic.css" />
+    
+    <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js"></script>
+    <script src="_static/jquery.js"></script>
+    <script src="_static/underscore.js"></script>
+    <script src="_static/_sphinx_javascript_frameworks_compat.js"></script>
+    <script src="_static/doctools.js"></script>
+    
+    <link rel="index" title="Index" href="genindex.html" />
+    <link rel="search" title="Search" href="search.html" />
+    <link rel="prev" title="PyStream" href="README.html" /> 
+  </head><body>
+    <div class="related" role="navigation" aria-label="related navigation">
+      <h3>Navigation</h3>
+      <ul>
+        <li class="right" style="margin-right: 10px">
+          <a href="genindex.html" title="General Index"
+             accesskey="I">index</a></li>
+        <li class="right" >
+          <a href="py-modindex.html" title="Python Module Index"
+             >modules</a> |</li>
+        <li class="right" >
+          <a href="README.html" title="PyStream"
+             accesskey="P">previous</a> |</li>
+        <li class="nav-item nav-item-0"><a href="index.html">Stream  documentation</a> &#187;</li>
+        <li class="nav-item nav-item-this"><a href="">Authentication</a></li> 
+      </ul>
+    </div>  
+
+    <div class="document">
+      <div class="documentwrapper">
+        <div class="bodywrapper">
+          <div class="body" role="main">
+            
+  <section id="authentication">
+<h1>Authentication<a class="headerlink" href="#authentication" title="Permalink to this heading">¶</a></h1>
+<p><code class="docutils literal notranslate"><span class="pre">PyStream</span></code> uses two ways of authentication, the <code class="docutils literal notranslate"><span class="pre">username</span></code> and <code class="docutils literal notranslate"><span class="pre">password</span></code> to gain access to the server and
+a <code class="docutils literal notranslate"><span class="pre">session_token</span></code> generated by the server to access directories and streaming content.</p>
+<section id="username-and-password">
+<h2>Username and Password<a class="headerlink" href="#username-and-password" title="Permalink to this heading">¶</a></h2>
+<section id="frontend">
+<h3>Frontend<a class="headerlink" href="#frontend" title="Permalink to this heading">¶</a></h3>
+<ul class="simple">
+<li><p>UI creates hex values for username and password using native JS</p></li>
+<li><p>These hex values are then used the calculate the hash</p></li>
+<li><p>Calculated hash is then base64 encoded using native JS, before sending the signature to the API in an authorization header</p></li>
+</ul>
+</section>
+<section id="backend">
+<h3>Backend<a class="headerlink" href="#backend" title="Permalink to this heading">¶</a></h3>
+<ul class="simple">
+<li><p>API decodes the base64 encoded ascii string, then decodes the HEX received in authorization header</p></li>
+<li><p>Then the value is broken down to, username, signature and timestamp</p></li>
+<li><p>The decoded username is used to get the stored password from env variables, which are then hex encoded</p></li>
+<li><p>API creates a hash signature using the hex username, hex password, and the timestamp</p></li>
+<li><p>These signatures are then compared for authentication purpose</p></li>
+</ul>
+</section>
+</section>
+<section id="session-token">
+<h2>Session Token<a class="headerlink" href="#session-token" title="Permalink to this heading">¶</a></h2>
+<ul class="simple">
+<li><p>Once the login has been successful, the API creates a randomly generated 64 bit url safe token</p></li>
+<li><p>This token is stored as unique key for each user</p></li>
+<li><p>The API then forms a payload with the username, key, and the timestamp</p></li>
+<li><p>This payload is then encrypted using Cryptography’s Fernet, which can be retrieved only using the key</p></li>
+<li><p>This encrypted payload is stored as a cookie before sending a <code class="docutils literal notranslate"><span class="pre">JSONResponse</span></code> with a <code class="docutils literal notranslate"><span class="pre">redirect_url</span></code></p></li>
+</ul>
+<blockquote>
+<div><p>Since the UI uses <code class="docutils literal notranslate"><span class="pre">AJAX</span></code> for authentication POST call, a <code class="docutils literal notranslate"><span class="pre">RedirectResponse</span></code> from FastAPI will not work,
+as the call will simply follow the redirect to <code class="docutils literal notranslate"><span class="pre">GET</span></code> the content instead of redirecting the page.</p>
+</div></blockquote>
+<ul class="simple">
+<li><p>The <code class="docutils literal notranslate"><span class="pre">redirect_url</span></code> from the JSON response is fetched, to alter <code class="docutils literal notranslate"><span class="pre">location.href</span></code></p></li>
+</ul>
+<blockquote>
+<div><p>This form of redirect will transfer cookies to the new page but not the headers,
+so the username and password are lost in the frontend at this point</p>
+</div></blockquote>
+<ul class="simple">
+<li><p>From then on, all calls to the backend including redirects, directory navigation and, streaming will carry the cookie</p></li>
+<li><p>The <code class="docutils literal notranslate"><span class="pre">session_token</span></code> is the only form of authentication from this point onward</p></li>
+</ul>
+</section>
+</section>
+
+
+            <div class="clearer"></div>
+          </div>
+        </div>
+      </div>
+      <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
+        <div class="sphinxsidebarwrapper">
+  <div>
+    <h3><a href="index.html">Table of Contents</a></h3>
+    <ul>
+<li><a class="reference internal" href="#">Authentication</a><ul>
+<li><a class="reference internal" href="#username-and-password">Username and Password</a><ul>
+<li><a class="reference internal" href="#frontend">Frontend</a></li>
+<li><a class="reference internal" href="#backend">Backend</a></li>
+</ul>
+</li>
+<li><a class="reference internal" href="#session-token">Session Token</a></li>
+</ul>
+</li>
+</ul>
+
+  </div>
+  <div>
+    <h4>Previous topic</h4>
+    <p class="topless"><a href="README.html"
+                          title="previous chapter">PyStream</a></p>
+  </div>
+  <div role="note" aria-label="source link">
+    <h3>This Page</h3>
+    <ul class="this-page-menu">
+      <li><a href="_sources/authentication.md.txt"
+            rel="nofollow">Show Source</a></li>
+    </ul>
+   </div>
+<div id="searchbox" style="display: none" role="search">
+  <h3 id="searchlabel">Quick search</h3>
+    <div class="searchformwrapper">
+    <form class="search" action="search.html" method="get">
+      <input type="text" name="q" aria-labelledby="searchlabel" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"/>
+      <input type="submit" value="Go" />
+    </form>
+    </div>
+</div>
+<script>document.getElementById('searchbox').style.display = "block"</script>
+        </div>
+      </div>
+      <div class="clearer"></div>
+    </div>
+    <div class="related" role="navigation" aria-label="related navigation">
+      <h3>Navigation</h3>
+      <ul>
+        <li class="right" style="margin-right: 10px">
+          <a href="genindex.html" title="General Index"
+             >index</a></li>
+        <li class="right" >
+          <a href="py-modindex.html" title="Python Module Index"
+             >modules</a> |</li>
+        <li class="right" >
+          <a href="README.html" title="PyStream"
+             >previous</a> |</li>
+        <li class="nav-item nav-item-0"><a href="index.html">Stream  documentation</a> &#187;</li>
+        <li class="nav-item nav-item-this"><a href="">Authentication</a></li> 
+      </ul>
+    </div>
+    <div class="footer" role="contentinfo">
+        &#169; Copyright 2023, Vignesh Rao.
+      Created using <a href="https://www.sphinx-doc.org/">Sphinx</a> 5.1.1.
+    </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/docs/authentication.md b/docs/authentication.md
new file mode 100644
index 0000000..da6039b
--- /dev/null
+++ b/docs/authentication.md
@@ -0,0 +1,32 @@
+## Authentication
+`PyStream` uses two ways of authentication, the `username` and `password` to gain access to the server and
+a `session_token` generated by the server to access directories and streaming content.
+
+### Username and Password
+
+#### Frontend
+- UI creates hex values for username and password using native JS
+- These hex values are then used the calculate the hash
+- Calculated hash is then base64 encoded using native JS, before sending the signature to the API in an authorization header
+
+#### Backend
+- API decodes the base64 encoded ascii string, then decodes the HEX received in authorization header
+- Then the value is broken down to, username, signature and timestamp
+- The decoded username is used to get the stored password from env variables, which are then hex encoded
+- API creates a hash signature using the hex username, hex password, and the timestamp
+- These signatures are then compared for authentication purpose
+
+### Session Token
+
+- Once the login has been successful, the API creates a randomly generated 64 bit url safe token
+- This token is stored as unique key for each user
+- The API then forms a payload with the username, key, and the timestamp
+- This payload is then encrypted using Cryptography's Fernet, which can be retrieved only using the key
+- This encrypted payload is stored as a cookie before sending a `JSONResponse` with a `redirect_url`
+> Since the UI uses `AJAX` for authentication POST call, a `RedirectResponse` from FastAPI will not work,
+> as the call will simply follow the redirect to `GET` the content instead of redirecting the page.
+- The `redirect_url` from the JSON response is fetched, to alter `location.href`
+> This form of redirect will transfer cookies to the new page but not the headers,
+> so the username and password are lost in the frontend at this point
+- From then on, all calls to the backend including redirects, directory navigation and, streaming will carry the cookie
+- The `session_token` is the only form of authentication from this point onward
diff --git a/docs/index.html b/docs/index.html
index f5a5aed..fb6b70c 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -18,7 +18,7 @@
     
     <link rel="index" title="Index" href="genindex.html" />
     <link rel="search" title="Search" href="search.html" />
-    <link rel="next" title="Video Streaming" href="README.html" /> 
+    <link rel="next" title="PyStream" href="README.html" /> 
   </head><body>
     <div class="related" role="navigation" aria-label="related navigation">
       <h3>Navigation</h3>
@@ -30,7 +30,7 @@ <h3>Navigation</h3>
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
         <li class="right" >
-          <a href="README.html" title="Video Streaming"
+          <a href="README.html" title="PyStream"
              accesskey="N">next</a> |</li>
         <li class="nav-item nav-item-0"><a href="#">Stream  documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">Stream-Localhost - A secured interface to stream videos</a></li> 
@@ -47,7 +47,7 @@ <h1>Stream-Localhost - A secured interface to stream videos<a class="headerlink"
 <div class="toctree-wrapper compound">
 <p class="caption" role="heading"><span class="caption-text">Read Me:</span></p>
 <ul>
-<li class="toctree-l1"><a class="reference internal" href="README.html">Video Streaming</a><ul>
+<li class="toctree-l1"><a class="reference internal" href="README.html">PyStream</a><ul>
 <li class="toctree-l2"><a class="reference internal" href="README.html#install">Install</a></li>
 <li class="toctree-l2"><a class="reference internal" href="README.html#sample-usage">Sample Usage</a></li>
 <li class="toctree-l2"><a class="reference internal" href="README.html#coding-standards">Coding Standards</a></li>
@@ -58,6 +58,11 @@ <h1>Stream-Localhost - A secured interface to stream videos<a class="headerlink"
 <li class="toctree-l2"><a class="reference internal" href="README.html#license-copyright">License &amp; copyright</a></li>
 </ul>
 </li>
+<li class="toctree-l1"><a class="reference internal" href="authentication.html">Authentication</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="authentication.html#username-and-password">Username and Password</a></li>
+<li class="toctree-l2"><a class="reference internal" href="authentication.html#session-token">Session Token</a></li>
+</ul>
+</li>
 </ul>
 </div>
 </section>
@@ -1104,7 +1109,7 @@ <h3><a href="#">Table of Contents</a></h3>
   <div>
     <h4>Next topic</h4>
     <p class="topless"><a href="README.html"
-                          title="next chapter">Video Streaming</a></p>
+                          title="next chapter">PyStream</a></p>
   </div>
   <div role="note" aria-label="source link">
     <h3>This Page</h3>
@@ -1137,7 +1142,7 @@ <h3>Navigation</h3>
           <a href="py-modindex.html" title="Python Module Index"
              >modules</a> |</li>
         <li class="right" >
-          <a href="README.html" title="Video Streaming"
+          <a href="README.html" title="PyStream"
              >next</a> |</li>
         <li class="nav-item nav-item-0"><a href="#">Stream  documentation</a> &#187;</li>
         <li class="nav-item nav-item-this"><a href="">Stream-Localhost - A secured interface to stream videos</a></li> 
diff --git a/docs/objects.inv b/docs/objects.inv
index 25a5972..a768593 100644
Binary files a/docs/objects.inv and b/docs/objects.inv differ
diff --git a/docs/searchindex.js b/docs/searchindex.js
index e1f1912..10bb310 100644
--- a/docs/searchindex.js
+++ b/docs/searchindex.js
@@ -1 +1 @@
-Search.setIndex({"docnames": ["README", "index"], "filenames": ["README.md", "index.rst"], "titles": ["Video Streaming", "Stream-Localhost - A secured interface to stream videos"], "terms": {"deploy": 0, "python": 0, "modul": 0, "via": 0, "authent": 0, "session": [0, 1], "us": [0, 1], "fastapi": [0, 1], "m": 0, "pip": 0, "localhost": 0, "import": 0, "asyncio": 0, "o": 0, "pystream": [0, 1], "__name__": 0, "__main__": 0, "kwarg": [0, 1], "dict": [0, 1], "usernam": [0, 1], "foo": 0, "password": [0, 1], "bar": 0, "video_sourc": [0, 1], "path": [0, 1], "join": 0, "expandus": 0, "download": 0, "add": [0, 1], "follow": 0, "host": [0, 1], "local": [0, 1], "ip": [0, 1], "address": [0, 1], "skip": 0, "127": [0, 1], "0": [0, 1], "1": [0, 1], "video_host": [0, 1], "util": 0, "get_local_ip": [0, 1], "run": [0, 1], "start": [0, 1], "bulb": 0, "environ": [0, 1], "can": 0, "load": [0, 1], "from": [0, 1], "ani": [0, 1], "file": [0, 1], "filenam": [0, 1], "default": 0, "To": 0, "custom": [0, 1], "set": [0, 1], "var": [0, 1], "env_fil": [0, 1], "kei": [0, 1], "its": [0, 1], "valu": [0, 1], "mandatori": 0, "choic": 0, "_": 0, "sourc": [0, 1], "underscor": 0, "dot": 0, "ignor": [0, 1], "option": [0, 1], "port": 0, "number": [0, 1], "applic": 0, "8000": [0, 1], "format": 0, "sequenc": [0, 1], "support": 0, "mp4": [0, 1], "mov": [0, 1], "worker": [0, 1], "spin": 0, "up": 0, "uvicorn": 0, "server": [0, 1], "websit": [0, 1], "list": [0, 1], "regex": 0, "cor": 0, "configur": [0, 1], "requir": [0, 1], "onli": [0, 1], "tunnel": 0, "cdn": 0, "auto": 0, "thumbnail": [0, 1], "boolean": [0, 1], "flag": [0, 1], "gener": [0, 1], "imag": 0, "preview": [0, 1], "true": [0, 1], "docstr": 0, "googl": 0, "style": 0, "convent": 0, "pep": 0, "8": 0, "isort": 0, "gitvers": 0, "revers": 0, "f": 0, "release_not": 0, "rst": 0, "t": [0, 1], "pre": 0, "commit": 0, "ensur": 0, "pytest": 0, "valid": [0, 1], "hyperlink": 0, "all": [0, 1], "markdown": 0, "includ": [0, 1], "wiki": 0, "page": [0, 1], "sphinx": 0, "5": 0, "recommonmark": 0, "http": [0, 1], "org": 0, "project": 0, "thevickypedia": 0, "github": 0, "io": 0, "vignesh": 0, "rao": 0, "under": 0, "mit": 0, "instal": 1, "sampl": 1, "usag": 1, "code": 1, "standard": 1, "releas": 1, "note": 1, "lint": 1, "pypi": 1, "packag": 1, "runbook": 1, "licens": 1, "copyright": 1, "async": 1, "redirect_exception_handl": 1, "request": 1, "except": 1, "redirectexcept": 1, "jsonrespons": 1, "handler": 1, "handl": 1, "redirect": 1, "paramet": 1, "take": 1, "object": 1, "an": 1, "argument": 1, "inherit": 1, "return": 1, "content": 1, "statu": 1, "cooki": 1, "type": 1, "startup_task": 1, "none": 1, "task": 1, "need": 1, "dure": 1, "api": 1, "startup": 1, "shutdown_task": 1, "shutdown": 1, "starter": 1, "function": 1, "keyword": 1, "env": 1, "failed_auth_count": 1, "keep": 1, "track": 1, "fail": 1, "login": 1, "attempt": 1, "each": 1, "3": 1, "more": 1, "time": 1, "extract_credenti": 1, "str": 1, "extract": 1, "credenti": 1, "author": 1, "header": 1, "decod": 1, "befor": 1, "string": 1, "raise_error": 1, "noreturn": 1, "rais": 1, "401": 1, "unauthor": 1, "error": 1, "case": 1, "bad": 1, "verify_login": 1, "union": 1, "int": 1, "verifi": 1, "token": 1, "user": 1, "dictionari": 1, "payload": 1, "creat": 1, "verify_token": 1, "decrypt": 1, "symmetr": 1, "encrypt": 1, "expir": 1, "class": 1, "envconfig": 1, "_case_sensit": 1, "bool": 1, "_env_prefix": 1, "_env_fil": 1, "dotenvtyp": 1, "posixpath": 1, "_env_file_encod": 1, "_env_nested_delimit": 1, "_secrets_dir": 1, "secretstr": 1, "users_allow": 1, "ipv4address": 1, "video_port": 1, "session_dur": 1, "3600": 1, "file_format": 1, "auto_thumbnail": 1, "pydant": 1, "share": 1, "across": 1, "new": 1, "pars": 1, "input": 1, "data": 1, "validationerror": 1, "pydantic_cor": 1, "cannot": 1, "form": 1, "__init__": 1, "__pydantic_self__": 1, "instead": 1, "common": 1, "self": 1, "first": 1, "arg": 1, "allow": 1, "field": 1, "name": 1, "variabl": 1, "env_prefix": 1, "extra": 1, "hide_input_in_error": 1, "classmethod": 1, "parse_video_host": 1, "notion": 1, "parse_websit": 1, "evalu": 1, "fileio": 1, "index": 1, "html": 1, "land": 1, "static": 1, "query_param": 1, "home_endpoint": 1, "home": 1, "login_endpoint": 1, "logout_endpoint": 1, "logout": 1, "streaming_endpoint": 1, "chunk_siz": 1, "1048576": 1, "delet": 1, "pathlib": 1, "cipher_suit": 1, "cryptographi": 1, "fernet": 1, "store": 1, "arbitrary_types_allow": 1, "info": 1, "invalid": 1, "map": 1, "inform": 1, "webtoken": 1, "timestamp": 1, "ecrypt": 1, "locat": 1, "detail": 1, "within": 1, "sinc": 1, "httpexcept": 1, "doesn": 1, "demand": 1, "where": 1, "i": 1, "solut": 1, "There": 1, "ar": 1, "altern": 1, "work": 1, "our": 1, "javascript": 1, "thi": 1, "wai": 1, "come": 1, "handi": 1, "mani": 1, "unexpect": 1, "scenario": 1, "refer": 1, "tiangolo": 1, "com": 1, "tutori": 1, "instanti": 1, "reason": 1, "alia": 1, "filepath": 1, "initi": 1, "captur": 1, "frame": 1, "particular": 1, "opencv": 1, "": 1, "videocaptur": 1, "generate_thumbnail": 1, "interv": 1, "output_dir": 1, "second": 1, "output": 1, "directori": 1, "success": 1, "failur": 1, "get_video_length": 1, "tupl": 1, "timedelta": 1, "get": 1, "calcul": 1, "length": 1, "datetim": 1, "generate_preview": 1, "at_second": 1, "which": 1, "should": 1, "calculate_hash": 1, "hash": 1, "given": 1, "base64_encod": 1, "base64": 1, "encod": 1, "base64_decod": 1, "hex_decod": 1, "convert": 1, "hex": 1, "hex_encod": 1, "log_connect": 1, "log": 1, "connect": 1, "devic": 1, "avoid": 1, "multipl": 1, "when": 1, "same": 1, "differ": 1, "natural_sort_kei": 1, "sort": 1, "natur": 1, "element": 1, "deriv": 1, "split": 1, "part": 1, "regular": 1, "express": 1, "get_dir_stream_cont": 1, "parent": 1, "subdir": 1, "insid": 1, "displai": 1, "subdirectori": 1, "exist": 1, "pair": 1, "get_all_stream_cont": 1, "folder": 1, "contain": 1, "section": 1, "get_it": 1, "purepath": 1, "current": 1, "serv": 1, "previou": 1, "next": 1, "render": 1, "remove_thumbnail": 1, "img_path": 1, "trigger": 1, "timer": 1, "remov": 1, "keygen": 1, "secret": 1, "so": 1, "forc": 1, "restart": 1, "url": 1, "safe": 1, "64": 1, "bit": 1, "send_bytes_range_request": 1, "file_obj": 1, "binaryio": 1, "start_rang": 1, "end_rang": 1, "asynciter": 1, "bytestr": 1, "send": 1, "chunk": 1, "rang": 1, "specif": 1, "rfc7233": 1, "byte": 1, "end": 1, "yield": 1, "iter": 1, "get_range_head": 1, "range_head": 1, "file_s": 1, "proce": 1, "size": 1, "range_requests_respons": 1, "file_path": 1, "streamingrespons": 1, "respons": 1, "srt_to_vtt": 1, "srt": 1, "vtt": 1, "compat": 1, "j": 1, "vtt_to_srt": 1, "auth": 1, "get_expiri": 1, "lease_start": 1, "lease_dur": 1, "expiri": 1, "max": 1, "ag": 1, "wa": 1, "made": 1, "until": 1, "date": 1, "gmt": 1, "home_pag": 1, "session_token": 1, "templaterespons": 1, "ui": 1, "after": 1, "htmlrespons": 1, "termin": 1, "back": 1, "upon": 1, "refresh": 1, "base": 1, "get_favicon": 1, "filerespons": 1, "favicon": 1, "ico": 1, "endpoint": 1, "robinhood": 1, "script": 1, "root": 1, "redirectrespons": 1, "broken": 1, "relat": 1, "preview_load": 1, "ha": 1, "setup": 1, "track_load": 1, "track_path": 1, "stream_video": 1, "video_path": 1, "templat": 1, "video_endpoint": 1, "receiv": 1, "rootfilt": 1, "filter": 1, "while": 1, "preserv": 1, "other": 1, "access": 1, "200": 1, "ok": 1, "307": 1, "temporari": 1, "vid_nam": 1, "redund": 1, "pass": 1, "overrid": 1, "implement": 1, "subclass": 1, "The": 1, "method": 1, "record": 1, "examin": 1, "fals": 1, "discard": 1, "togeth": 1, "children": 1, "have": 1, "event": 1, "through": 1, "If": 1, "specifi": 1, "everi": 1, "logrecord": 1, "out": 1, "repres": 1, "someth": 1, "simpl": 1, "check": 1, "network": 1, "id": 1, "retriev": 1, "privat": 1, "machin": 1, "get_public_ip": 1, "public": 1, "make": 1, "extern": 1, "search": 1}, "objects": {"pystream": [[1, 0, 0, "-", "logger"], [1, 0, 0, "-", "main"], [1, 0, 0, "-", "utils"]], "pystream.logger": [[1, 1, 1, "", "RootFilter"]], "pystream.logger.RootFilter": [[1, 2, 1, "", "filter"]], "pystream.main": [[1, 3, 1, "", "redirect_exception_handler"], [1, 3, 1, "", "shutdown_tasks"], [1, 3, 1, "", "start"], [1, 3, 1, "", "startup_tasks"]], "pystream.models": [[1, 0, 0, "-", "authenticator"], [1, 0, 0, "-", "config"], [1, 0, 0, "-", "images"], [1, 0, 0, "-", "secure"], [1, 0, 0, "-", "squire"], [1, 0, 0, "-", "stream"], [1, 0, 0, "-", "subtitles"]], "pystream.models.authenticator": [[1, 3, 1, "", "extract_credentials"], [1, 3, 1, "", "failed_auth_counter"], [1, 3, 1, "", "raise_error"], [1, 3, 1, "", "verify_login"], [1, 3, 1, "", "verify_token"]], "pystream.models.config": [[1, 1, 1, "", "EnvConfig"], [1, 1, 1, "", "FileIO"], [1, 5, 1, "", "RedirectException"], [1, 1, 1, "", "Session"], [1, 1, 1, "", "Static"], [1, 1, 1, "", "WebToken"], [1, 4, 1, "", "env"]], "pystream.models.config.EnvConfig": [[1, 1, 1, "", "Config"], [1, 4, 1, "", "authorization"], [1, 4, 1, "", "auto_thumbnail"], [1, 4, 1, "", "file_formats"], [1, 2, 1, "", "parse_video_host"], [1, 2, 1, "", "parse_website"], [1, 4, 1, "", "session_duration"], [1, 4, 1, "", "users_allowed"], [1, 4, 1, "", "video_host"], [1, 4, 1, "", "video_port"], [1, 4, 1, "", "video_source"], [1, 4, 1, "", "website"], [1, 4, 1, "", "workers"]], "pystream.models.config.EnvConfig.Config": [[1, 4, 1, "", "env_file"], [1, 4, 1, "", "env_prefix"], [1, 4, 1, "", "extra"], [1, 4, 1, "", "hide_input_in_errors"]], "pystream.models.config.FileIO": [[1, 4, 1, "", "index"], [1, 4, 1, "", "landing"], [1, 4, 1, "", "listing"]], "pystream.models.config.Session": [[1, 4, 1, "", "info"], [1, 4, 1, "", "invalid"], [1, 4, 1, "", "mapping"]], "pystream.models.config.Static": [[1, 1, 1, "", "Config"], [1, 4, 1, "", "chunk_size"], [1, 4, 1, "", "cipher_suite"], [1, 4, 1, "", "deletions"], [1, 4, 1, "", "home_endpoint"], [1, 4, 1, "", "login_endpoint"], [1, 4, 1, "", "logout_endpoint"], [1, 4, 1, "", "preview"], [1, 4, 1, "", "query_param"], [1, 4, 1, "", "stream"], [1, 4, 1, "", "streaming_endpoint"], [1, 4, 1, "", "track"]], "pystream.models.config.Static.Config": [[1, 4, 1, "", "arbitrary_types_allowed"]], "pystream.models.config.WebToken": [[1, 4, 1, "", "timestamp"], [1, 4, 1, "", "token"], [1, 4, 1, "", "username"]], "pystream.models.images": [[1, 1, 1, "", "Images"]], "pystream.models.images.Images": [[1, 2, 1, "", "generate_preview"], [1, 2, 1, "", "generate_thumbnails"], [1, 2, 1, "", "get_video_length"]], "pystream.models.secure": [[1, 3, 1, "", "base64_decode"], [1, 3, 1, "", "base64_encode"], [1, 3, 1, "", "calculate_hash"], [1, 3, 1, "", "hex_decode"], [1, 3, 1, "", "hex_encode"]], "pystream.models.squire": [[1, 3, 1, "", "get_all_stream_content"], [1, 3, 1, "", "get_dir_stream_content"], [1, 3, 1, "", "get_iter"], [1, 3, 1, "", "keygen"], [1, 3, 1, "", "log_connection"], [1, 3, 1, "", "natural_sort_key"], [1, 3, 1, "", "remove_thumbnail"]], "pystream.models.stream": [[1, 3, 1, "", "get_range_header"], [1, 3, 1, "", "range_requests_response"], [1, 3, 1, "", "send_bytes_range_requests"]], "pystream.models.subtitles": [[1, 3, 1, "", "srt_to_vtt"], [1, 3, 1, "", "vtt_to_srt"]], "pystream.routers": [[1, 0, 0, "-", "auth"], [1, 0, 0, "-", "basics"], [1, 0, 0, "-", "video"]], "pystream.routers.auth": [[1, 3, 1, "", "get_expiry"], [1, 3, 1, "", "home_page"], [1, 3, 1, "", "login"], [1, 3, 1, "", "logout"]], "pystream.routers.basics": [[1, 3, 1, "", "error"], [1, 3, 1, "", "get_favicon"], [1, 3, 1, "", "root"]], "pystream.routers.video": [[1, 3, 1, "", "preview_loader"], [1, 3, 1, "", "stream_video"], [1, 3, 1, "", "track_loader"], [1, 3, 1, "", "video_endpoint"]], "pystream.utils": [[1, 3, 1, "", "get_local_ip"], [1, 3, 1, "", "get_public_ip"]]}, "objtypes": {"0": "py:module", "1": "py:class", "2": "py:method", "3": "py:function", "4": "py:attribute", "5": "py:exception"}, "objnames": {"0": ["py", "module", "Python module"], "1": ["py", "class", "Python class"], "2": ["py", "method", "Python method"], "3": ["py", "function", "Python function"], "4": ["py", "attribute", "Python attribute"], "5": ["py", "exception", "Python exception"]}, "titleterms": {"video": [0, 1], "stream": [0, 1], "instal": 0, "sampl": 0, "usag": 0, "env": 0, "variabl": 0, "code": 0, "standard": 0, "releas": 0, "note": 0, "lint": 0, "pypi": 0, "packag": 0, "runbook": 0, "licens": 0, "copyright": 0, "localhost": 1, "A": 1, "secur": 1, "interfac": 1, "read": 1, "me": 1, "main": 1, "modul": 1, "model": 1, "authent": 1, "config": 1, "imag": 1, "squir": 1, "subtitl": 1, "router": 1, "basic": 1, "support": 1, "logger": 1, "util": 1, "indic": 1, "tabl": 1}, "envversion": {"sphinx.domains.c": 2, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 6, "sphinx.domains.index": 1, "sphinx.domains.javascript": 2, "sphinx.domains.math": 2, "sphinx.domains.python": 3, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx": 56}})
\ No newline at end of file
+Search.setIndex({"docnames": ["README", "authentication", "index"], "filenames": ["README.md", "authentication.md", "index.rst"], "titles": ["PyStream", "Authentication", "Stream-Localhost - A secured interface to stream videos"], "terms": {"deploy": 0, "python": 0, "modul": 0, "stream": [0, 1], "video": 0, "via": 0, "authent": 0, "session": [0, 2], "us": [0, 1, 2], "fastapi": [0, 1, 2], "m": 0, "pip": 0, "localhost": 0, "import": 0, "asyncio": 0, "o": 0, "__name__": 0, "__main__": 0, "kwarg": [0, 2], "dict": [0, 2], "author": [0, 1, 2], "alan": 0, "ture": 0, "pr0gramm1ng": 0, "linu": 0, "torvald": 0, "linuxo": 0, "video_sourc": [0, 2], "path": [0, 2], "join": 0, "expandus": 0, "download": 0, "add": [0, 2], "follow": [0, 1], "host": [0, 2], "local": [0, 2], "ip": [0, 2], "address": [0, 2], "skip": 0, "127": [0, 2], "0": [0, 2], "1": [0, 2], "video_host": [0, 2], "util": 0, "get_local_ip": [0, 2], "run": [0, 2], "start": [0, 2], "bulb": 0, "environ": [0, 2], "can": [0, 1], "load": [0, 2], "from": [0, 1, 2], "ani": [0, 2], "file": [0, 2], "filenam": [0, 2], "default": 0, "To": 0, "custom": [0, 2], "set": [0, 2], "var": [0, 2], "env_fil": [0, 2], "kei": [0, 1, 2], "its": [0, 2], "valu": [0, 1, 2], "mandatori": 0, "list": [0, 2], "dictionari": [0, 2], "usernam": [0, 2], "password": [0, 2], "_": 0, "sourc": [0, 2], "underscor": 0, "dot": 0, "ignor": [0, 2], "option": [0, 2], "port": 0, "number": [0, 2], "applic": 0, "8000": [0, 2], "format": 0, "sequenc": [0, 2], "support": 0, "mp4": [0, 2], "mov": [0, 2], "worker": [0, 2], "spin": 0, "up": 0, "uvicorn": 0, "server": [0, 1, 2], "websit": [0, 2], "regex": 0, "cor": 0, "configur": [0, 2], "requir": [0, 2], "onli": [0, 1, 2], "tunnel": 0, "cdn": 0, "auto": 0, "thumbnail": [0, 2], "boolean": [0, 2], "flag": [0, 2], "gener": [0, 1, 2], "imag": 0, "preview": [0, 2], "true": [0, 2], "docstr": 0, "googl": 0, "style": 0, "convent": 0, "pep": 0, "8": 0, "isort": 0, "gitvers": 0, "revers": 0, "f": 0, "release_not": 0, "rst": 0, "t": [0, 2], "pre": 0, "commit": 0, "ensur": 0, "pytest": 0, "valid": [0, 2], "hyperlink": 0, "all": [0, 1, 2], "markdown": 0, "includ": [0, 1, 2], "wiki": 0, "page": [0, 1, 2], "sphinx": 0, "5": 0, "recommonmark": 0, "http": [0, 2], "org": 0, "project": 0, "thevickypedia": 0, "github": 0, "io": 0, "vignesh": 0, "rao": 0, "under": 0, "mit": 0, "pystream": [1, 2], "two": 1, "wai": [1, 2], "gain": 1, "access": [1, 2], "session_token": [1, 2], "directori": [1, 2], "content": [1, 2], "ui": [1, 2], "creat": [1, 2], "hex": [1, 2], "nativ": 1, "j": [1, 2], "These": 1, "ar": [1, 2], "calcul": [1, 2], "hash": [1, 2], "i": [1, 2], "base64": [1, 2], "encod": [1, 2], "befor": [1, 2], "send": [1, 2], "signatur": 1, "api": [1, 2], "an": [1, 2], "header": [1, 2], "decod": [1, 2], "ascii": 1, "string": [1, 2], "receiv": [1, 2], "Then": 1, "broken": [1, 2], "down": 1, "timestamp": [1, 2], "The": [1, 2], "get": [1, 2], "store": [1, 2], "env": [1, 2], "variabl": [1, 2], "which": [1, 2], "compar": 1, "purpos": 1, "onc": 1, "login": [1, 2], "ha": [1, 2], "been": 1, "success": [1, 2], "randomli": 1, "64": [1, 2], "bit": [1, 2], "url": [1, 2], "safe": [1, 2], "thi": [1, 2], "uniqu": 1, "each": [1, 2], "user": [1, 2], "form": [1, 2], "payload": [1, 2], "encrypt": [1, 2], "cryptographi": [1, 2], "": [1, 2], "fernet": [1, 2], "retriev": [1, 2], "cooki": [1, 2], "jsonrespons": [1, 2], "redirect_url": 1, "sinc": [1, 2], "ajax": 1, "post": 1, "call": 1, "redirectrespons": [1, 2], "work": [1, 2], "simpli": 1, "redirect": [1, 2], "instead": [1, 2], "json": 1, "respons": [1, 2], "fetch": 1, "alter": 1, "locat": [1, 2], "href": 1, "transfer": 1, "new": [1, 2], "so": [1, 2], "lost": 1, "point": 1, "navig": 1, "carri": 1, "onward": 1, "instal": 2, "sampl": 2, "usag": 2, "code": 2, "standard": 2, "releas": 2, "note": 2, "lint": 2, "pypi": 2, "packag": 2, "runbook": 2, "licens": 2, "copyright": 2, "token": 2, "async": 2, "redirect_exception_handl": 2, "request": 2, "except": 2, "redirectexcept": 2, "handler": 2, "handl": 2, "paramet": 2, "take": 2, "object": 2, "argument": 2, "inherit": 2, "return": 2, "statu": 2, "type": 2, "startup_task": 2, "none": 2, "task": 2, "need": 2, "dure": 2, "startup": 2, "shutdown_task": 2, "shutdown": 2, "starter": 2, "function": 2, "keyword": 2, "failed_auth_count": 2, "keep": 2, "track": 2, "fail": 2, "attempt": 2, "3": 2, "more": 2, "time": 2, "extract_credenti": 2, "str": 2, "extract": 2, "credenti": 2, "raise_error": 2, "noreturn": 2, "rais": 2, "401": 2, "unauthor": 2, "error": 2, "case": 2, "bad": 2, "verify_login": 2, "union": 2, "int": 2, "verifi": 2, "verify_token": 2, "decrypt": 2, "symmetr": 2, "expir": 2, "class": 2, "envconfig": 2, "_case_sensit": 2, "bool": 2, "_env_prefix": 2, "_env_fil": 2, "dotenvtyp": 2, "posixpath": 2, "_env_file_encod": 2, "_env_nested_delimit": 2, "_secrets_dir": 2, "secretstr": 2, "users_allow": 2, "ipv4address": 2, "video_port": 2, "session_dur": 2, "3600": 2, "file_format": 2, "auto_thumbnail": 2, "pydant": 2, "share": 2, "across": 2, "pars": 2, "input": 2, "data": 2, "validationerror": 2, "pydantic_cor": 2, "cannot": 2, "__init__": 2, "__pydantic_self__": 2, "common": 2, "self": 2, "first": 2, "arg": 2, "allow": 2, "field": 2, "name": 2, "env_prefix": 2, "extra": 2, "hide_input_in_error": 2, "classmethod": 2, "parse_video_host": 2, "notion": 2, "parse_websit": 2, "evalu": 2, "fileio": 2, "index": 2, "html": 2, "land": 2, "static": 2, "query_param": 2, "home_endpoint": 2, "home": 2, "login_endpoint": 2, "logout_endpoint": 2, "logout": 2, "streaming_endpoint": 2, "chunk_siz": 2, "1048576": 2, "delet": 2, "pathlib": 2, "cipher_suit": 2, "arbitrary_types_allow": 2, "info": 2, "invalid": 2, "map": 2, "inform": 2, "webtoken": 2, "ecrypt": 2, "detail": 2, "within": 2, "httpexcept": 2, "doesn": 2, "demand": 2, "where": 2, "solut": 2, "There": 2, "altern": 2, "our": 2, "javascript": 2, "come": 2, "handi": 2, "mani": 2, "unexpect": 2, "scenario": 2, "refer": 2, "tiangolo": 2, "com": 2, "tutori": 2, "instanti": 2, "reason": 2, "alia": 2, "filepath": 2, "initi": 2, "captur": 2, "frame": 2, "particular": 2, "opencv": 2, "videocaptur": 2, "generate_thumbnail": 2, "interv": 2, "output_dir": 2, "second": 2, "output": 2, "failur": 2, "get_video_length": 2, "tupl": 2, "timedelta": 2, "length": 2, "datetim": 2, "generate_preview": 2, "at_second": 2, "should": 2, "calculate_hash": 2, "given": 2, "base64_encod": 2, "base64_decod": 2, "hex_decod": 2, "convert": 2, "hex_encod": 2, "log_connect": 2, "log": 2, "connect": 2, "devic": 2, "avoid": 2, "multipl": 2, "when": 2, "same": 2, "differ": 2, "natural_sort_kei": 2, "sort": 2, "natur": 2, "element": 2, "deriv": 2, "split": 2, "part": 2, "regular": 2, "express": 2, "get_dir_stream_cont": 2, "parent": 2, "subdir": 2, "insid": 2, "displai": 2, "subdirectori": 2, "exist": 2, "pair": 2, "get_all_stream_cont": 2, "folder": 2, "contain": 2, "section": 2, "get_it": 2, "purepath": 2, "current": 2, "serv": 2, "previou": 2, "next": 2, "render": 2, "remove_thumbnail": 2, "img_path": 2, "trigger": 2, "timer": 2, "remov": 2, "keygen": 2, "secret": 2, "forc": 2, "restart": 2, "send_bytes_range_request": 2, "file_obj": 2, "binaryio": 2, "start_rang": 2, "end_rang": 2, "asynciter": 2, "bytestr": 2, "chunk": 2, "rang": 2, "specif": 2, "rfc7233": 2, "byte": 2, "end": 2, "yield": 2, "iter": 2, "get_range_head": 2, "range_head": 2, "file_s": 2, "proce": 2, "size": 2, "range_requests_respons": 2, "file_path": 2, "streamingrespons": 2, "srt_to_vtt": 2, "srt": 2, "vtt": 2, "compat": 2, "vtt_to_srt": 2, "auth": 2, "get_expiri": 2, "lease_start": 2, "lease_dur": 2, "expiri": 2, "max": 2, "ag": 2, "wa": 2, "made": 2, "until": 2, "date": 2, "gmt": 2, "home_pag": 2, "templaterespons": 2, "after": 2, "htmlrespons": 2, "termin": 2, "back": 2, "upon": 2, "refresh": 2, "base": 2, "get_favicon": 2, "filerespons": 2, "favicon": 2, "ico": 2, "endpoint": 2, "robinhood": 2, "script": 2, "root": 2, "relat": 2, "preview_load": 2, "setup": 2, "track_load": 2, "track_path": 2, "stream_video": 2, "video_path": 2, "templat": 2, "video_endpoint": 2, "rootfilt": 2, "filter": 2, "while": 2, "preserv": 2, "other": 2, "200": 2, "ok": 2, "307": 2, "temporari": 2, "vid_nam": 2, "redund": 2, "pass": 2, "overrid": 2, "implement": 2, "subclass": 2, "method": 2, "record": 2, "examin": 2, "fals": 2, "discard": 2, "togeth": 2, "children": 2, "have": 2, "event": 2, "through": 2, "If": 2, "specifi": 2, "everi": 2, "logrecord": 2, "out": 2, "repres": 2, "someth": 2, "simpl": 2, "check": 2, "network": 2, "id": 2, "privat": 2, "machin": 2, "get_public_ip": 2, "public": 2, "make": 2, "extern": 2, "search": 2}, "objects": {"pystream": [[2, 0, 0, "-", "logger"], [2, 0, 0, "-", "main"], [2, 0, 0, "-", "utils"]], "pystream.logger": [[2, 1, 1, "", "RootFilter"]], "pystream.logger.RootFilter": [[2, 2, 1, "", "filter"]], "pystream.main": [[2, 3, 1, "", "redirect_exception_handler"], [2, 3, 1, "", "shutdown_tasks"], [2, 3, 1, "", "start"], [2, 3, 1, "", "startup_tasks"]], "pystream.models": [[2, 0, 0, "-", "authenticator"], [2, 0, 0, "-", "config"], [2, 0, 0, "-", "images"], [2, 0, 0, "-", "secure"], [2, 0, 0, "-", "squire"], [2, 0, 0, "-", "stream"], [2, 0, 0, "-", "subtitles"]], "pystream.models.authenticator": [[2, 3, 1, "", "extract_credentials"], [2, 3, 1, "", "failed_auth_counter"], [2, 3, 1, "", "raise_error"], [2, 3, 1, "", "verify_login"], [2, 3, 1, "", "verify_token"]], "pystream.models.config": [[2, 1, 1, "", "EnvConfig"], [2, 1, 1, "", "FileIO"], [2, 5, 1, "", "RedirectException"], [2, 1, 1, "", "Session"], [2, 1, 1, "", "Static"], [2, 1, 1, "", "WebToken"], [2, 4, 1, "", "env"]], "pystream.models.config.EnvConfig": [[2, 1, 1, "", "Config"], [2, 4, 1, "", "authorization"], [2, 4, 1, "", "auto_thumbnail"], [2, 4, 1, "", "file_formats"], [2, 2, 1, "", "parse_video_host"], [2, 2, 1, "", "parse_website"], [2, 4, 1, "", "session_duration"], [2, 4, 1, "", "users_allowed"], [2, 4, 1, "", "video_host"], [2, 4, 1, "", "video_port"], [2, 4, 1, "", "video_source"], [2, 4, 1, "", "website"], [2, 4, 1, "", "workers"]], "pystream.models.config.EnvConfig.Config": [[2, 4, 1, "", "env_file"], [2, 4, 1, "", "env_prefix"], [2, 4, 1, "", "extra"], [2, 4, 1, "", "hide_input_in_errors"]], "pystream.models.config.FileIO": [[2, 4, 1, "", "index"], [2, 4, 1, "", "landing"], [2, 4, 1, "", "listing"]], "pystream.models.config.Session": [[2, 4, 1, "", "info"], [2, 4, 1, "", "invalid"], [2, 4, 1, "", "mapping"]], "pystream.models.config.Static": [[2, 1, 1, "", "Config"], [2, 4, 1, "", "chunk_size"], [2, 4, 1, "", "cipher_suite"], [2, 4, 1, "", "deletions"], [2, 4, 1, "", "home_endpoint"], [2, 4, 1, "", "login_endpoint"], [2, 4, 1, "", "logout_endpoint"], [2, 4, 1, "", "preview"], [2, 4, 1, "", "query_param"], [2, 4, 1, "", "stream"], [2, 4, 1, "", "streaming_endpoint"], [2, 4, 1, "", "track"]], "pystream.models.config.Static.Config": [[2, 4, 1, "", "arbitrary_types_allowed"]], "pystream.models.config.WebToken": [[2, 4, 1, "", "timestamp"], [2, 4, 1, "", "token"], [2, 4, 1, "", "username"]], "pystream.models.images": [[2, 1, 1, "", "Images"]], "pystream.models.images.Images": [[2, 2, 1, "", "generate_preview"], [2, 2, 1, "", "generate_thumbnails"], [2, 2, 1, "", "get_video_length"]], "pystream.models.secure": [[2, 3, 1, "", "base64_decode"], [2, 3, 1, "", "base64_encode"], [2, 3, 1, "", "calculate_hash"], [2, 3, 1, "", "hex_decode"], [2, 3, 1, "", "hex_encode"]], "pystream.models.squire": [[2, 3, 1, "", "get_all_stream_content"], [2, 3, 1, "", "get_dir_stream_content"], [2, 3, 1, "", "get_iter"], [2, 3, 1, "", "keygen"], [2, 3, 1, "", "log_connection"], [2, 3, 1, "", "natural_sort_key"], [2, 3, 1, "", "remove_thumbnail"]], "pystream.models.stream": [[2, 3, 1, "", "get_range_header"], [2, 3, 1, "", "range_requests_response"], [2, 3, 1, "", "send_bytes_range_requests"]], "pystream.models.subtitles": [[2, 3, 1, "", "srt_to_vtt"], [2, 3, 1, "", "vtt_to_srt"]], "pystream.routers": [[2, 0, 0, "-", "auth"], [2, 0, 0, "-", "basics"], [2, 0, 0, "-", "video"]], "pystream.routers.auth": [[2, 3, 1, "", "get_expiry"], [2, 3, 1, "", "home_page"], [2, 3, 1, "", "login"], [2, 3, 1, "", "logout"]], "pystream.routers.basics": [[2, 3, 1, "", "error"], [2, 3, 1, "", "get_favicon"], [2, 3, 1, "", "root"]], "pystream.routers.video": [[2, 3, 1, "", "preview_loader"], [2, 3, 1, "", "stream_video"], [2, 3, 1, "", "track_loader"], [2, 3, 1, "", "video_endpoint"]], "pystream.utils": [[2, 3, 1, "", "get_local_ip"], [2, 3, 1, "", "get_public_ip"]]}, "objtypes": {"0": "py:module", "1": "py:class", "2": "py:method", "3": "py:function", "4": "py:attribute", "5": "py:exception"}, "objnames": {"0": ["py", "module", "Python module"], "1": ["py", "class", "Python class"], "2": ["py", "method", "Python method"], "3": ["py", "function", "Python function"], "4": ["py", "attribute", "Python attribute"], "5": ["py", "exception", "Python exception"]}, "titleterms": {"pystream": 0, "instal": 0, "sampl": 0, "usag": 0, "env": 0, "variabl": 0, "code": 0, "standard": 0, "releas": 0, "note": 0, "lint": 0, "pypi": 0, "packag": 0, "runbook": 0, "licens": 0, "copyright": 0, "authent": [1, 2], "usernam": 1, "password": 1, "frontend": 1, "backend": 1, "session": 1, "token": 1, "stream": 2, "localhost": 2, "A": 2, "secur": 2, "interfac": 2, "video": 2, "read": 2, "me": 2, "main": 2, "modul": 2, "model": 2, "config": 2, "imag": 2, "squir": 2, "subtitl": 2, "router": 2, "basic": 2, "support": 2, "logger": 2, "util": 2, "indic": 2, "tabl": 2}, "envversion": {"sphinx.domains.c": 2, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 6, "sphinx.domains.index": 1, "sphinx.domains.javascript": 2, "sphinx.domains.math": 2, "sphinx.domains.python": 3, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx": 56}})
\ No newline at end of file
diff --git a/pre_commit.sh b/pre_commit.sh
index e5a94d0..5514160 100755
--- a/pre_commit.sh
+++ b/pre_commit.sh
@@ -24,9 +24,9 @@ update_release_notes() {
 gen_docs() {
   # Generate sphinx docs
   mkdir -p doc_gen/_static  # Create a _static directory if unavailable
-  cp README.md doc_gen  # Copy readme file to doc_gen
+  cp README.md authentication.md doc_gen  # Copy readme file to doc_gen
   cd doc_gen && make clean html  # cd into doc_gen and create the runbook
-  mv _build/html/* ../docs && mv README.md ../docs  # Move the runbook, readme
+  mv _build/html/* ../docs && mv README.md authentication.md ../docs  # Move the runbook, readme
   cp static.css ../docs/_static
 }
 
diff --git a/pystream/__init__.py b/pystream/__init__.py
index 965e985..0ab5fb6 100644
--- a/pystream/__init__.py
+++ b/pystream/__init__.py
@@ -1,5 +1,5 @@
 from . import utils  # noqa: F401
 from .main import start  # noqa: F401
-from .models import config, images  # noqa: F401
+from .models import config, images, secure  # noqa: F401
 
 version = "1.0"
diff --git a/pystream/models/authenticator.py b/pystream/models/authenticator.py
index 9e94367..c4e0cb8 100644
--- a/pystream/models/authenticator.py
+++ b/pystream/models/authenticator.py
@@ -63,7 +63,7 @@ async def verify_login(request: Request) -> Dict[str, Union[str, int]]:
     hex_pass = await secure.hex_encode(password.get_secret_value())
     message = f"{hex_user}{hex_pass}{timestamp}"
     expected_signature = await secure.calculate_hash(message)
-    if signature == expected_signature:
+    if secrets.compare_digest(signature, expected_signature):
         config.session.invalid[request.client.host] = 0
         key = squire.keygen()
         # Store session token for each apikey
@@ -79,7 +79,7 @@ async def verify_token(token: str) -> None:
         token: Symmetric encrypted key.
     """
     if not token:
-        logger.warning("No session token was received")
+        logger.warning("Session token was missing/revoked")
         raise config.RedirectException(location="/error", detail="Invalid session token")
     try:
         decoded = config.WebToken(**eval(config.static.cipher_suite.decrypt(token).decode()))
@@ -88,5 +88,6 @@ async def verify_token(token: str) -> None:
         raise config.RedirectException(location="/error", detail="Invalid session token")
     if not secrets.compare_digest(decoded.token, config.session.mapping.get(decoded.username, '')):
         raise config.RedirectException(location="/error", detail="Invalid session token")
+    # Max time and expiry for session token is set in the Cookie, but this is a fallback mechanism to avoid tampering
     if time.time() - decoded.timestamp > config.env.session_duration:
         raise config.RedirectException(location="/error", detail="Session expired")