docker-sso-server
docker-sso-server copied to clipboard
soulteary
Potential documentation improvement?
I found myself hard to understand the documentation. These are the main issues:
- It's not immediately clear what is a "license file". Is it a license key required to use this software? If so how do I purchase it?
- The traefik integration remains mysterious. Despite the related issue being closed, the documentation only says "This program can also be used as the backend of traefik forward auth.", but there is no mentioning of how it should be done (also the link in #2 is broken, it should be this). It's pretty easy if one understands the concepts, but I'd still suggest put a full forward auth example in
example/howto-use-traefik. - Correct me if I'm wrong: when using as a forward auth provider, one can not make policy-based decision for different routes (paths). Take self-hosted analytics product for example, normally you would want to block the whole site from anonymous users (since it's the dashboard page), however the tracking script should be publicly available (since it could be embedded anywhere).
Thanks for your feedback.
It is free software, individuals and small teams don't need to pay anything.
- In view of this, I provide an online authorization file (
license file) generation tool, you can set your user name and email as you want, as your authentication elements in the authorization environment. - If the user information you set is
jokerand[email protected], then in actual use, theusernameandemailfields that your application will get are the above values.
About traefik forward auth integration, I will write an article to introduce it later, the actual use requires some pre-knowledge. Regarding the use case, I will check the availability later.
Based on the fine-grained authorization of different paths and identities, I will consider adding them gradually in the next version. Currently, the distinction is indeed based on whether to access anonymously, just like outline.
If you have any questions or suggestions, please continue to discuss or contact me.
So the "license" here is just an encoded text containing username and email which is used to login, is that correct? In that case, why not just base64 them and eliminate the use of an online generator?
What you said makes sense, and I think maybe this step can be simplified next.
The reason why users are currently required to generate authorization files by themselves, as I mentioned in the previous post, is that the current functions are only a small part of the software, and do not involve user management and some different authentication schemes.
https://github.com/outline/outline/issues/1881#issuecomment-900792198
The original purpose of writing this software was. Earlier, my friend invited me to write a set of software for sale to enterprises, so I did not plan to open source the source code, just like FusionAuth. And this docker image was originally provided only for my blog readers and readers' WeChat group.
I don't think the online license generator works... Actually it never worked for me. I played with it multiple times, both months ago and few minutes ago. Sometimes the POST request just hangs forever, there is no response. And other times there is always an empty response like this:
The license is authorized to my readers, tester<[email protected]>
Please copy and properly save the encrypted information below:
But there is no content below, I inspected with Chrome devtool, that's literally all the content the server returned.
Sorry, the service was adjusted before, and this api was omitted. Later, I guessed that there was a problem with the communication between ngx-php and ngx-njs.
// Because the previous readers have used it correctly, I ignored/forgot this api.