diff --git a/auth/authentication.js b/auth/authentication.js
index 294e273e..6c6cf441 100644
--- a/auth/authentication.js
+++ b/auth/authentication.js
@@ -1,5 +1,33 @@
-module.exports = {
-  isAuthenticated (req, res, next) {
+const db = require('../models');
+const logger = require('winston');
 
+module.exports = {
+  authenticateApiPublish (username, password) {
+    return new Promise((resolve, reject) => {
+      if (username === 'none') {
+        resolve(true);
+        return;
+      }
+      db.User
+          .findOne({where: {userName: username}})
+          .then(user => {
+            if (!user) {
+              logger.debug('no user found');
+              resolve(false);
+              return;
+            }
+            if (!user.validPassword(password, user.password)) {
+              logger.debug('incorrect password');
+              resolve(false);
+              return;
+            }
+            logger.debug('user found:', user.dataValues);
+            resolve(true);
+          })
+          .catch(error => {
+            logger.error(error);
+            reject();
+          });
+    });
   },
 };
diff --git a/controllers/serveController.js b/controllers/serveController.js
index c9fb5e81..95b9f77e 100644
--- a/controllers/serveController.js
+++ b/controllers/serveController.js
@@ -97,7 +97,7 @@ function getAssetByLongClaimId (fullClaimId, name) {
 }
 
 function chooseThumbnail (claimInfo, defaultThumbnail) {
-  if (!claimInfo.thumbnail || claimInfo.thumbnail === '') {
+  if (!claimInfo.thumbnail || claimInfo.thumbnail.trim() === '') {
     return defaultThumbnail;
   }
   return claimInfo.thumbnail;
@@ -168,7 +168,12 @@ module.exports = {
               element['thumbnail'] = chooseThumbnail(element, DEFAULT_THUMBNAIL);
             });
           }
-          return resolve(allChannelClaims);
+          return resolve({
+            channelName,
+            longChannelId,
+            shortChannelId,
+            claims: allChannelClaims,
+          });
         })
         .catch(error => {
           reject(error);
diff --git a/helpers/publishHelpers.js b/helpers/publishHelpers.js
index 7d3d1794..2db37d46 100644
--- a/helpers/publishHelpers.js
+++ b/helpers/publishHelpers.js
@@ -57,22 +57,20 @@ module.exports = {
     // filter nsfw and ensure it is a boolean
     if (nsfw === false) {
       nsfw = false;
-    } else if (nsfw.toLowerCase === 'false') {
-      nsfw = false;
-    } else if (nsfw.toLowerCase === 'off') {
-      nsfw = false;
+    } else if (typeof nsfw === 'string') {
+      if (nsfw.toLowerCase === 'false' || nsfw.toLowerCase === 'off' || nsfw === '0') {
+        nsfw = false;
+      }
     } else if (nsfw === 0) {
       nsfw = false;
-    } else if (nsfw === '0') {
-      nsfw = false;
     } else {
       nsfw = true;
     }
     // provide defaults for title & description
-    if (title === '' || title === null) {
+    if (title === null || title === '') {
       title = name;
     }
-    if (description.trim() === '' || description === null) {
+    if (description === null || description.trim() === '') {
       description = `${name} published via spee.ch`;
     }
     // create the publish params
diff --git a/public/assets/css/BEM.css b/public/assets/css/BEM.css
index f3099b4e..17637020 100644
--- a/public/assets/css/BEM.css
+++ b/public/assets/css/BEM.css
@@ -1,4 +1,7 @@
 
+/*  GENERAL */
+
+
 /* TEXT */
 
 body, button, input, textarea, label, select, option {
@@ -32,6 +35,14 @@ h2 {
 	padding: 6px;
 }
 
+h3 {
+	color: black;;
+}
+
+.h3--secondary {
+	color: #999999;
+}
+
 h4 {
 	padding: 3px;
 }
diff --git a/routes/api-routes.js b/routes/api-routes.js
index 2b504b69..5cc73480 100644
--- a/routes/api-routes.js
+++ b/routes/api-routes.js
@@ -6,6 +6,7 @@ const { getClaimList, resolveUri } = require('../helpers/lbryApi.js');
 const { createPublishParams, validateFile, checkClaimNameAvailability, checkChannelAvailability } = require('../helpers/publishHelpers.js');
 const errorHandlers = require('../helpers/errorHandlers.js');
 const { postToStats, sendGoogleAnalytics } = require('../controllers/statsController.js');
+const { authenticateApiPublish } = require('../auth/authentication.js');
 
 module.exports = (app) => {
   // route to run a claim_list request on the daemon
@@ -76,8 +77,13 @@ module.exports = (app) => {
     // validate that a file was provided
     const file = files.speech || files.null;
     const name = body.name || file.name.substring(0, file.name.indexOf('.'));
+    const title = body.title || null;
+    const description = body.description || null;
     const license = body.license || 'No License Provided';
-    const nsfw = body.nsfw || true;
+    const nsfw = body.nsfw || null;
+    const channelName = body.channelName || 'none';
+    const channelPassword = body.channelPassword || null;
+    logger.debug(`name: ${name}, license: ${license}, nsfw: ${nsfw}`);
     try {
       validateFile(file, name, license, nsfw);
     } catch (error) {
@@ -86,19 +92,27 @@ module.exports = (app) => {
       res.status(400).send(error.message);
       return;
     }
-    // prepare the publish parameters
     const fileName = file.name;
     const filePath = file.path;
     const fileType = file.type;
-    const publishParams = createPublishParams(name, filePath, license, nsfw);
-    // publish the file
-    publish(publishParams, fileName, fileType)
+    // channel authorization
+    authenticateApiPublish(channelName, channelPassword)
+    .then(result => {
+      if (!result) {
+        res.status(401).send('Authentication failed, you do not have access to that channel');
+        throw new Error('authentication failed');
+      }
+      return createPublishParams(name, filePath, title, description, license, nsfw, channelName);
+    })
+    .then(publishParams => {
+      return publish(publishParams, fileName, fileType);
+    })
     .then(result => {
       postToStats('publish', originalUrl, ip, null, null, 'success');
       res.status(200).json(result);
     })
     .catch(error => {
-      errorHandlers.handleRequestError('publish', originalUrl, ip, error, res);
+      logger.error('publish api error', error);
     });
   });
 };
diff --git a/routes/serve-routes.js b/routes/serve-routes.js
index b7574e4b..188a03c1 100644
--- a/routes/serve-routes.js
+++ b/routes/serve-routes.js
@@ -124,15 +124,12 @@ module.exports = (app) => {
       // 1. retrieve the channel contents
       getChannelContents(channelName, channelId)
       // 2. respond to the request
-      .then(channelContents => {
-        if (!channelContents) {
+      .then(result => {
+        logger.debug('result');
+        if (!result.claims) {
           res.status(200).render('noChannel');
         } else {
-          const handlebarsData = {
-            channelName,
-            channelContents,
-          };
-          res.status(200).render('channel', handlebarsData);
+          res.status(200).render('channel', result);
         }
       })
       .catch(error => {
diff --git a/views/channel.handlebars b/views/channel.handlebars
index 899b3e80..d2fbda49 100644
--- a/views/channel.handlebars
+++ b/views/channel.handlebars
@@ -1,9 +1,9 @@
 <div class="wrapper">
 	{{> topBar}}
 	<div>
-		<h3>{{this.channelName}}</h3>
+        <h3>{{this.channelName}}<span class="h3--secondary">:{{this.shortChannelId}}</span></h3>
 		<p>Below is all the free content in this channel.</p>
-		{{#each channelContents}}
+		{{#each this.claims}}
           {{> contentListItem}}
 		{{/each}}
 	</div>