loginsrv

Unnamed repository; edit this file 'description' to name the repository.
git clone git@jamesshield.xyz:repos/loginsrv.git
Log | Files | Refs | README | LICENSE

commit 010559516934bbe1c92d0744e539d697e92b1f9c
parent 8fa4e1692eefc59e49b81cbfbeea5355be7fd952
Author: Sebastian Mancke <sebastian.mancke@snabble.io>
Date:   Sat, 19 Jan 2019 18:00:32 +0100

t push origin masterMerge branch 'magikstm-issue-102'

Diffstat:
MREADME.md | 16++++++++--------
Mcaddy/README.md | 4++++
2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md @@ -72,8 +72,8 @@ _Note for Caddy users_: Not all parameters are available in Caddy. See the table | -logout-url | string | | X | URL or path to redirect to after logout | | -osiam | value | | X | OSIAM login backend opts: endpoint=..,client_id=..,client_secret=.. | | -port | string | "6789" | - | Port to listen on | -| -redirect | boolean | true | X | Allow dynamic overwriting of the the success by query parameter (default true) | -| -redirect-query-parameter | string | "backTo" | X | URL parameter for the redirect target (default "backTo") | +| -redirect | boolean | true | X | Allow dynamic overwriting of the the success by query parameter | +| -redirect-query-parameter | string | "backTo" | X | URL parameter for the redirect target | | -redirect-check-referer | boolean | true | X | Check the referer header to ensure it matches the host header on dynamic redirects | | -redirect-host-file | string | "" | X | A file containing a list of domains that redirects are allowed to, one domain per line | | -simple | value | | X | Simple login backend opts: user1=password,user2=password,.. | @@ -141,12 +141,12 @@ Performs the login and returns the JWT. Depending on the content-type and parame #### Possible Return Codes -| Code | Meaning | Description | -|------| ----------------------|----------------------------| -| 200 | OK | Successfully authenticated | -| 403 | Forbidden | The credentials are wrong | -| 400 | Bad Request | Missing parameters | -| 500 | Internal Server Error | Internal error, e.g. the login provider is not available or failed | +| Code | Meaning | Description | +|------| ----------------------|---------------------------------------------------------------------------------------------------------------------------| +| 200 | OK | Successfully authenticated | +| 403 | Forbidden | The credentials are wrong | +| 400 | Bad Request | Missing parameters | +| 500 | Internal Server Error | Internal error, e.g. the login provider is not available or failed | | 303 | See Other | Sets the JWT as a cookie, if the login succeeds and redirect to the URLs provided in `redirectSuccess` or `redirectError` | Hint: The status `401 Unauthorized` is not used as a return code to not conflict with an HTTP Basic authentication. diff --git a/caddy/README.md b/caddy/README.md @@ -20,6 +20,10 @@ for different server blocks, only the first one will be stored in enviroment env and a custom one in the same caddyfile. If you want to have better control, of the integration with caddy-jwt, e.g. for multiple server blocks, you should configure the jwt behaviour in caddy-jwt with the `secret` or `publickey` directives. +## Cookie Name +You can configure the cookie name by `cookie_name`. By default loginsrv and http.jwt use the same cookie name for the JWT token. +If you don't use the default, set related param `token_source cookie my_cookie_name` in http.jwt. + ### Basic configuration Provide a login resource under /login, for user bob with password secret: ```