Is there a way to disable the authorization code screen for remote access? I have a cloudflare tunnel in front of the DVR, so I am already handling authentication.
No, non local network connections will always require authentication. If you want to avoid authentication, consider using a VPN.
Is there trickery that can be done with Cloudflared as a tunnel? Cloudflared sits on the network, so I thought it would appear as a local proxy but evidently it doesn't.
It’s actually dependent on the IP address in the connection request.
How does it check this? The ip.src on the packet?
I setup nginx and am still being prompted for the token? I thought (based on DVR webgui with Nginx reverse proxy) that nginx would make it appear as coming from localhost and the auth would be bypassed?
You can enable http logging and check the dvr log to see what IP is coming through.