
Disable security or control the cookie expiration

Open ctrlbrk42 opened this issue 1 year ago • 9 comments

Does it fit the project's scope?

  • [X] This is relevant

Why?

I am using a reverse proxy for auth, so I prefer not having to re-login to the KB every day.

Solution?

Can you provide a docker env var to disable authentication and just set a default username? Or can you provide a mechanism to set the cookie expiration to a far away date.

Alternatives?

No response

Extra Context

No response

ctrlbrk42, Jan 04 '24 22:01

I found TOKEN_EXPIRY and am trying that; I didn't see it initially (I keep having trouble not finding the docs to your project).

docker env: TOKEN_EXPIRY: 5184000 # 60-days

ctrlbrk42, Jan 05 '24 17:01

There is currently no way to integrate with other auth mechanisms. TOKEN_EXPIRY is a suitable way of increasing the limit.

> I keep having trouble not finding the docs to your project

Not sure how, it's linked in the project README and added as the project website in the about section. Here's a link as well: https://notemark.docs.enchantedcode.co.uk/docs/

enchant97, Jan 05 '24 20:01

Will it accept 0 or -1 value to effectively disable?

ctrlbrk42, Jan 05 '24 20:01

It only accepts the number of seconds until expiry and cannot currently be disabled.

How do you currently provide authentication through your reverse proxy?

In the future I plan to add external authentication via OAuth2, since this is what the app uses internally already.

enchant97, Jan 05 '24 23:01

For something like this, I'm just using basic auth in caddy since it doesn't have anything super sensitive.

Thanks for responding.

ctrlbrk42, Jan 05 '24 23:01

It would be really nice to be able to disable authentication when using proxies with Authentik or Authelia which can do forward auth or domain specific authentication already. Don't know about the user selection, it seems that we may need to be able to configure a default one?

Of course this would be a quick fix for a more general SAML or OIDC SSO implementation.

a-super-admin, Oct 04 '24 09:10

I see a better solution is specifying the remote hostname.

eirnym, Jan 20 '25 13:01

I'm deploying this in Docker behind Traefik and Authelia, would be nice to have Authelia OIDC integration or be able to disable the inbuilt auth.

unsubscrieb, Feb 21 '25 04:02

@unsubscrieb It's on the roadmap. Currently implementing OIDC on my other project Hasty Paste II.

enchant97, Feb 21 '25 12:02