Add support for additional authentication methods #204
Labels
Priority: Low
Minor issue or feature with minimal impact; can be addressed later.
Status: Accepted
This task has been acknowledged and is planned for implementation
Type: Feature Request
Request of a new future feature
Comments
j1mbl3s
added
Status: Created
MDeLuise
added
Status: Accepted
|
I would definetly like SSO via OIDC, a templated/generic method might notbe too hard. An example is Komga's implemenation: https://komga.org/docs/installation/oauth2/ I use the generic for my selfhosted PocketID, but many use Google/Microsoft/Apple/GitHub or other selfhosted like KeyCloak and Authelia. The templated method means you dont have to make one for all of these different providers. Hope this helps. Love the project by the way <3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Avoid duplicated feature requests
Description
I would like Plant-it to accept authentication from additional sources, such as forwarded proxy headers (
X-Forwarded-User,X-Forwarded-Email, etc.), or maybe OAuth/OIDC but I know that is a larger effort and I'm not sure that whole flow is entirely necessary for this application.This would allow Plant-it to offload the storage of authentication details to another service (it would still need to keep track of user data, though). SSO would be an option for environments that support it(!).
There would need to be a few additional configs for forwarded auth:
FORWARD_AUTH_ENABLED- true/false value which enables or disables the feature to accept forwarded authentication headersFORWARD_AUTH_HEADER- string specifying the HTTP header used to pass the user id (i.e.X-Forwarded-User,X-Forwarded-Email, etc)FORWARD_AUTH_TRUSTED_IP- a list of IPs to accept forwarded authentication from (i.e. from the IP of the incoming request); accept from any IP if it is empty/undefinedThe text was updated successfully, but these errors were encountered: