djpbessems/lucidAuth
1
1
Fork 0
Code Issues Pull Requests Releases 2 Wiki Activity
25 Commits 2 Branches 2 Tags 1 MiB
PHP 60.2%
JavaScript 27%
CSS 12.8%
ecce4d9342
Go to file
Danny Bessems ecce4d9342 Redid formatting of README.md, taking into account Gitea's limited markdown rendering
2019-02-23 10:13:56 +01:00
include Added nonfunctional workflow for crossdomain cookies 2019-02-22 11:28:42 +01:00
public Resolved conflicts in login.php and functions.php 2019-02-22 11:45:50 +01:00
LICENSE.md Rename LICENSE to LICENSE.md 2019-01-16 15:28:54 +01:00
lucidAuth.config.php.example Added nonfunctional workflow for crossdomain cookies 2019-02-22 11:28:42 +01:00
README.md Redid formatting of README.md, taking into account Gitea's limited markdown rendering 2019-02-23 10:13:56 +01:00

README.md

lucidAuth

Forward Authentication for use with proxies (caddy, nginx, traefik, etc)

Usage

  • Create a new folder, navigate to it in a commandprompt and run the following command:
    git clone https://code.spamasaurus.com/djpbessems/lucidAuth.git

  • Edit include/lucidAuth.config.php.example to reflect your configuration and save as include/lucidAuth.config.php

  • Create a new website (within any php-capable webserver) and make sure that the documentroot points to the public folder

  • Check if you are able to browse to https://<fqdn>/lucidAuth.login.php (where <fqdn> is the actual domain -or IP address- your webserver is listening on)

  • Edit your proxy's configuration to use the new website as forward proxy:

    • in Caddy/nginx (planned for a later stage)

    • in Traefik

    Add the following lines (change to reflect your existing configuration):

    [frontends.server1]
  entrypoints = ["https"]
  backend = "server1"
  [frontends.server1.auth.forward]
    address = "https://<fqdn>/lucidAuth.validateRequest.php"
  [frontends.server1.routes]
    [frontends.server1.routes.ext]
      rule = "Host:<fqdn>"

  • Important!

    The domainname of the website made in step 3, needs to match the domainname (ignoring subdomains, if any) of the resource utilizing this authentication proxy.

Questions or bugs

Feel free to open issues in this repository (or in its mirror on GitHub).