Optional Post-Installation Steps

LWT is a all-in-one product, but you can extend its capabilities in various ways. Here are the additional features unavailable by default.

Parse Japanese with MeCab

MeCab is a Japanese parser. Installing it has two main advantages:

Much better parsing of Japanese texts than RegExp.
Automatic romanization of words.
Enables text-to-speech for any character group.

Installation

Standard Installtion

Follow the instructions to download MeCab at https://taku910.github.io/mecab/#install.
Add MeCab to your system PATH.
In LWT, go to "Edit Languages" → "Japanese" and change from the value for "RegExp Word Characters" to mecab.

Using Docker

Original instructions provided on Easily Set Up and Use MeCab With Docker and NodeJS (Medium).

Run your LWT container in interactive mode and install MeCab.

bash

docker exec -it lwt bash
apt-get update && apt-get install -y mecab libmecab-dev mecab-ipadic-utf8

In LWT, go to "Edit Languages" → "Japanese" and change from the value for "RegExp Word Characters" to mecab.

Automatic Translation

LibreTranslate

LibreTranslate is a great open-source tool that allows you to translate text and provides an API. With it you can achieve the following:

Translation of sentences without using Google Translate.
Automatic translation of words (so you don't need to fill by hand!).

LibreTranslate Demo

To use it, please read the following steps:

Install it on a local or remote server or using Docker.
In LWT, go to "Edit Langagues", either create a new or edit an existing language
In the field "Sentence Translator URI", replace it by the URL of you libre translate instance.
- Do not forget to add the parameter lwt_translator=libretranslate for the automatic translation!
- source= should be followed by two letters indicating the language translating from.
- target= should be followed by two letters indicating the language to translate to.

Enhanced Text-to-Speech

The Text-to-Speech may sound robotic with some languages or operating systems. A workaround is to download a Text-To-Speech (TTS) plugin such as Read Aloud.

Multi-User Mode

LWT supports a multi-user mode where each user has their own isolated data. This is useful for:

Sharing a single LWT instance among multiple learners
Securing data access in a shared environment
Enabling user registration and authentication

Enabling Multi-User Mode

Edit your .env file and add:
dotenv
```
MULTI_USER_ENABLED=true
```
Restart your web server.
The first time you access LWT, you'll be prompted to create an admin account.

Password Requirements

When creating accounts in multi-user mode, passwords must meet the following requirements:

Requirement	Description
Minimum Length	8 characters
Maximum Length	128 characters
Letters	At least one letter (a-z or A-Z)
Numbers	At least one number (0-9)

Security Best Practices

For production deployments, we recommend:

Use a strong, unique password (12+ characters with mixed case, numbers, and symbols)
Never reuse passwords from other services
Consider using a password manager
Always use HTTPS in production

Password Hashing

LWT uses modern password hashing algorithms:

Argon2ID (preferred) - Memory-hard algorithm resistant to GPU attacks
bcrypt (fallback) - Used if Argon2ID is unavailable

Passwords are never stored in plain text and cannot be recovered—only reset.

YouTube Import

LWT can import captions from YouTube videos. To enable this feature:

Create a Google Cloud project at Google Cloud Console
Enable the YouTube Data API v3 for your project
Create an API key in the Credentials section
Add the key to your .env file:
dotenv
```
YT_API_KEY=your_api_key_here
```
Restart your web server

The YouTube import option will now appear when creating new texts.

External Audio Sources (CSP Configuration)

By default, LWT only allows audio files from the same server (for security). If you want to use audio from external sources (e.g., language learning websites), you can configure the Content Security Policy.

Configuration

Add the CSP_MEDIA_SOURCES setting to your .env file:

dotenv

# Option 1: Allow any HTTPS source (recommended for self-hosted instances)
CSP_MEDIA_SOURCES=https

# Option 2: Allow specific domains only
CSP_MEDIA_SOURCES=https://example.com,https://other-site.org

# Option 3: Strict mode - only local files (default)
CSP_MEDIA_SOURCES=self

Security Considerations

Setting	Security	Use Case
`self`	Highest	Multi-user servers where privacy is critical
`https`	Moderate	Self-hosted instances with trusted users
Specific domains	High	When you know exactly which audio sources you'll use

Privacy Note for Multi-User Servers

When https is enabled, users can add audio URLs pointing to external servers. When other users play that audio, the external server can log their IP addresses. For public multi-user servers where privacy matters, consider:

Keeping the default self setting
Implementing a media proxy (future feature)
Whitelisting only trusted domains

Optional Post-Installation Steps ​

Parse Japanese with MeCab ​

Installation ​

Standard Installtion ​

Using Docker ​

Automatic Translation ​

LibreTranslate ​

Enhanced Text-to-Speech ​

Multi-User Mode ​

Enabling Multi-User Mode ​

Password Requirements ​

Password Hashing ​

YouTube Import ​

External Audio Sources (CSP Configuration) ​

Configuration ​

Security Considerations ​