loginsrv

Unnamed repository; edit this file 'description' to name the repository.
git clone git@jamesshield.xyz:repos/loginsrv.git
Log | Files | Refs | README | LICENSE

commit 62fd8a0b013f976458df54db43ba442b94463f3f
parent bc4066a1ae81ed819732cdb7a85db2a6fd01c04c
Author: Sebastian Mancke <s.mancke@tarent.de>
Date:   Tue,  2 May 2017 13:13:12 +0200

readme updates

Diffstat:
MREADME.md | 34+++++++++++++++++++---------------
Mcaddy/README.md | 16++++++++--------
2 files changed, 27 insertions(+), 23 deletions(-)

diff --git a/README.md b/README.md @@ -17,34 +17,40 @@ It can be used as: * golang library * or as [caddyserver](http://caddyserver.com/) plugin. -## Supported Provider +## Supported Provider Backends The following providers (login backends) are supported. -- [Htpasswd](#htpasswd) -- [Osiam](#osiam) -- [Simple](#simple) (user/password pairs by configuration) - -## Future Planed Features -- Support for 3-leged-Oauth2 flow (OSIAM, Google, Facebook login) +* [Htpasswd](#htpasswd) +* [Osiam](#osiam) +* [Simple](#simple) (user/password pairs by configuration) +* [Oauth2](#oauth2) +** Github Login +** .. google and facebook will come soon .. ## Configuration and Startup ### Config Options The configuration parameters are as follows. ``` - -backend value - Backend configuration in form 'provider=name,key=val,key=...', can be declared multiple times -cookie-http-only Set the cookie with the http only flag (default true) -cookie-name string The name of the jwt cookie (default "jwt_token") + -github value + Oauth config in the form: client_id=..,client_secret=..[,scope=..,][redirect_uri=..] -host string The host to listen on (default "localhost") + -htpasswd value + Htpasswd login backend opts: file=/path/to/pwdfile -jwt-secret string The secret to sign the jwt token (default "random key") -log-level string The log level (default "info") + -osiam value + Osiam login backend opts: endpoint=..,client_id=..,client_secret=.. -port string The port to listen on (default "6789") + -simple value + Simple login backend opts: user1=password,user2=password,.. -success-url string The url to redirect after login (default "/") -text-logging @@ -52,17 +58,16 @@ The configuration parameters are as follows. ``` ### Environment Variables -All of the above Config Options can also be applied as environment variable, where the options name ist written in the way: `LOGINSRV_OPTION_NAME`. +All of the above Config Options can also be applied as environment variable, where the name is written in the way: `LOGINSRV_OPTION_NAME`. So e.g. `jwt-secret` can be set by environment variable `LOGINSRV_JWT_SECRET`. -To configure multiple backends by environment variable, they can be named in the way: `LOGINSRV_BACKEND, LOGINSRV_BACKEND_FOO, LOGINSRV_BACKEND_BAR, ..` ### Startup examples The most simple way to use loginsrv is by the provided docker container. E.g. configured with the simple provider: ``` -$ docker run -d -p 80:80 tarent/loginsrv -jwt-secret my_secret -backend provider=simple,bob=secret +$ docker run -d -p 80:80 tarent/loginsrv -jwt-secret my_secret -simple bob=secret -$ curl --data "username=bob&password=secret" 127.0.0.1:3000/login +$ curl --data "username=bob&password=secret" 127.0.0.1/login eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJib2IifQ.uWoJkSXTLA_RvfLKe12pb4CyxQNxe5_Ovw-N5wfQwkzXz2enbhA9JZf8MmTp9n-TTDcWdY3Fd1SA72_M20G9lQ ``` @@ -71,7 +76,6 @@ The same configuration could be written with enviroment variables in the way: $ docker run -d -p 80:80 -e LOGINSRV_JWT_SECRET=my_secret -e LOGINSRV_BACKEND=provider=simple,bob=secret tarent/loginsrv ``` - ## API ### GET /login @@ -87,7 +91,7 @@ Starts the Oauth Web Flow with the configured provider. E.g. `GET /login/github` ### POST /login -Does the login and returns the JWT. Depending on the content-type, and parameters a classical JSON-Rest or a redirect can be performed. +Perfoms the login and returns the JWT. Depending on the content-type, and parameters a classical JSON-Rest or a redirect can be performed. #### Runtime Parameters diff --git a/caddy/README.md b/caddy/README.md @@ -1,7 +1,7 @@ # loginsrv caddy middleware Login plugin for caddy, based on [tarent/loginsrv](https://github.com/tarent/loginsrv). -The login is checked against a middleware and then returned as JWT token. +The login is checked against a backend and then returned as JWT token. This middleware is designed to play together with the [caddy-jwt](https://github.com/BTBurke/caddy-jwt) plugin. ## Configuration @@ -13,19 +13,19 @@ so that caddy-jwt looks up the same shared secret. Providing a login resource unter /login, for user bob with password secret: ``` loginsrv / { - backend provider=simple,bob=secret + simple bob=secret } ``` ### Full configuration example ``` -loginsrv / { +login / { success-url /after/login cookie-name alternativeName cookie-http-only true - backend provider=simple,bob=secret - backend provider=osiam,endpoint=http://localhost:8080,clientId=example-client,clientSecret=secret - backend provider=htpasswd,file=users + simple bob=secret + osiam endpoint=http://localhost:8080,client_id=example-client,client_secret=secret + htpasswd file=users } ``` @@ -41,7 +41,7 @@ jwt { allow sub bob } -loginsrv / { - backend provider=simple,bob=secret,alice=secret +login / { + simple bob=secret,alice=secret } ```