Periodic merge upstream #5

Manually merged
djpbessems merged 13 commits from development into master 2019-12-30 12:18:50 +00:00
2 changed files with 22 additions and 12 deletions
Showing only changes of commit e17aed8297 - Show all commits

View File

@ -25,8 +25,5 @@ Forward Authentication for use with proxies (caddy, nginx, traefik, etc)
rule = "Host:<fqdn>" rule = "Host:<fqdn>"
``` ```
- #### Important!
The domainname of the website made in step 3, needs to match the domainname (*ignoring subdomains, if any*) of the resource utilizing this authentication proxy.
## Questions or bugs ## Questions or bugs
Feel free to open issues in this repository. Feel free to open issues in this repository.

View File

@ -18,6 +18,16 @@ return (object) array(
// Specify the NetBios name of the domain; to allow users to log on with just their usernames. // Specify the NetBios name of the domain; to allow users to log on with just their usernames.
], ],
'2FA' => [
'Protocol' => 'TOTP', // Possible options are HOTP (sequential codes) and TOTP (timebased codes)
'TOTP' => [
'Secret' => 'NULL', // By default, a 512 bits secret is generated. If you need, you can provide your own secret here.
'Age' => '30', // The duration that each OTP code is valid for.
'Length' => '6', // Number of digits the OTP code will consist of.
'Algorithm' => 'SHA256' // The hashing algorithm used.
],
],
'Sqlite' => [ 'Sqlite' => [
'Path' => '../data/lucidAuth.sqlite.db' 'Path' => '../data/lucidAuth.sqlite.db'
// Relative path to the location where the database should be stored // Relative path to the location where the database should be stored
@ -37,6 +47,9 @@ return (object) array(
'CrossDomainLogin' => False, 'CrossDomainLogin' => False,
// Set this to True if SingleSignOn (albeit rudementary) is desired // Set this to True if SingleSignOn (albeit rudementary) is desired
// (cookies are inheritently unaware of each other; clearing cookies for one domain does not affect other domains) // (cookies are inheritently unaware of each other; clearing cookies for one domain does not affect other domains)
// Important!
// If you leave this set to False, the domainname where lucidAuth will be running on,
// needs to match the domainname (*ignoring subdomains, if any*) of the resource utilizing the authentication proxy.
'CookieDomains' => [ 'CookieDomains' => [
'domain1.tld' #, 'domain2.tld', 'subdomain.domain3.tld' 'domain1.tld' #, 'domain2.tld', 'subdomain.domain3.tld'
] ]