You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Danny Bessems 55413d20c5 Merge branch 'development' of djpbessems/lucidAuth into master 2 months ago
include Added external library NProgress and ajax-timeouts 2 months ago
public Added external library NProgress and ajax-timeouts 2 months ago
LICENSE.md Periodic merge upstream (#1) 5 months ago
README.md Periodic merge upstream (#1) 5 months ago
lucidAuth.config.php.example Periodic merge upstream (#1) 5 months ago

README.md

lucidAuth

Forward Authentication for use with proxies (caddy, nginx, traefik, etc)

Usage

  • Create a new folder, navigate to it in a commandprompt and run the following command:
    git clone https://code.spamasaurus.com/djpbessems/lucidAuth.git
  • Edit include/lucidAuth.config.php.example to reflect your configuration and save as include/lucidAuth.config.php
  • Create a new website (within any php-capable webserver) and make sure that the documentroot points to the public folder
  • Check if you are able to browse to https://<fqdn>/lucidAuth.login.php (where <fqdn> is the actual domain -or IP address- your webserver is listening on)
  • Edit your proxy’s configuration to use the new website as forward proxy:

    • in Caddy/nginx (planned for a later stage)

    • in Traefik

      Add the following lines (change to reflect your existing configuration):

      [frontends.server1]
      entrypoints = ["https"]
      backend = "server1"
      [frontends.server1.auth.forward]
      address = "https://<fqdn>/lucidAuth.validateRequest.php"
      [frontends.server1.routes]
      [frontends.server1.routes.ext]
      rule = "Host:<fqdn>"
      
  • Important!

    The domainname of the website made in step 3, needs to match the domainname (ignoring subdomains, if any) of the resource utilizing this authentication proxy.

Questions or bugs

Feel free to open issues in this repository.