traverseda

Be aware that if you're trying to use cookie sub-domains (so you can use an example.com cookie on foo.example.com) it's not going to work on `localhost` based domains. I think...

A bit of an easier start then OIDC. Forward auth is pretty simple, the view returns 2xx is the user is allowed to view that url, `403 Forbidden` if they're...

>Then we could add another table which just links the URLs to specific groups or users. Yep, that's the idea. I'm not sure how sessions work in that whole scheme,...

As an aside with these two features this project has pretty much the same features as a slapd+keycloak+authelia setup, except it's *much* easier to deploy and doesn't take ~600mb+ of...

Session cookies are definitely being a pain, there are two ways to do it and one of them is going to require a real domain name instead of localhost. So...

Worked on a chunk of the javacript stuff, a lot of getting the CORS headers to work cleanly. Still having issues with setting the cookies though, think I'm going to...

HTTP basic auth was always on my list, I wanted to get cross-domain cookie auth working first though. Unfortunately that's being a pain, and I worry that cookie policies in...

>Isnt it somehow possible to redirect to a login form and then return the response to the proxy or is this only possible with cookies Unfortunately it's not. The CORS...

@sonicnkt Just hopefully added support for network based whitelisting. It didn't break anything, but I haven't tested it.

It's necessary to have domain-based routing working, which is *not* necessary for http basic auth, but would be necessary for proxied-web-form/cookie auth. I had considered going back and taking just...