server icon indicating copy to clipboard operation
server copied to clipboard

Published 20 hours ago verified publisher icon traggo

Support for authelia (SSO)

Open TheFrazer opened this issue 3 years ago • 9 comments

Is your feature request related to a problem? Please describe. I am using a SSO (authelia) infront of all my services. Having to login a second time to traggo is something I would like to eliminate.

Describe the solution you'd like Some auth-proxys (like authelia) add header to each request. Applications secured by such a SSO then just need to check for the HTTP header and automatically login the user. In my case a Remote-User header which contains the username is set. Would it be possible to add an option to look for such a header and autologin the user if present? It doesn't have any security strings attached, since all security relevant parts are done by the auth server.

TheFrazer avatar Jun 23 '21 18:06 TheFrazer

It would be possible, but I don't think that a lot of users are affected by this, thus, I don't think it is worth the effort to implement / maintain this.

jmattheis avatar Jun 24 '21 20:06 jmattheis

Ok, that's understandable. I got it roughly to work, but good enough for me (never used Go before). If you want to, you can close this issue. Otherwise I would leave it open in case others are interested.

TheFrazer avatar Aug 02 '21 15:08 TheFrazer

shame. I would have liked to use this with authelia too

c-nv-s avatar Aug 04 '21 20:08 c-nv-s

@c-nv-s I ended up adding this piece of code in the reqisterUser (not a typo, thats the correct method name :P) method in the middleware.go file in the auth folder. Just at the top. Be aware that I never worked with Go and my code doesn't add a proper device or even create a session, but you get logged in if your username exists and it seems to work for me...

header := request.Header.Get("Remote-User")
if len(header) != 0 {
    log.Debug().Str("header", header).Msg("login with Header")

    user := &model.User{}
    if db.Where("name = ?", header).Find(user).RecordNotFound() {
        log.Warn().Str("user", header).Msg("User from Header not found")
    } else {
        return request.WithContext(WithUser(request.Context(), user))
    }
}

TheFrazer avatar Aug 04 '21 20:08 TheFrazer

Its been a couple years since this was requested. I think due to the growing number of self hosted applications everyone wants to make their logins easier. Is this something that can be revisited?

rpoovey avatar Feb 28 '23 14:02 rpoovey

Sure, I'm open to accept PRs for this feature, tho the build pipeline should probably be fixed / migrated to github before that.

jmattheis avatar Mar 03 '23 16:03 jmattheis

I'd like to upvote this feature request. It would be very useful for me and surely for many others.

max-tet avatar Dec 04 '23 17:12 max-tet

While we are not using authelia we would love to see SSO. OIDC would probably be great to see :)

Leptopoda avatar Dec 20 '23 21:12 Leptopoda

This feature would be nice. OIDC is perfectly fine with me. :)

b1tray3r avatar Jun 02 '24 11:06 b1tray3r