search

BTBurke / caddy-jwt

JWT middleware for the Caddy server
MIT License
113 stars 40 forks source link

Added redirect option for simple login flows. #13

Closed smancke closed 7 years ago

smancke commented 7 years ago

Hi, here is a proposal for a redirect option. I hope, you like it.

I have started a login middleware for caddy at https://github.com/tarent/loginsrv With this redirect option, both play nicely together.

BTBurke commented 7 years ago

Thanks for your contribution. Its thanksgiving over here so I won't have a chance to look at it in detail until next week.

Looks really useful. I thought something like this was already possible with other Caddy commands, so I'll have to do a little research before I merge this.

On Nov 24, 2016, at 12:33 AM, Sebastian Mancke notifications@github.com wrote:

Hi, here is a proposal for a redirect option. I hope, you like it.

I have started a login middleware for caddy at https://github.com/tarent/loginsrv With this redirect option, both play nicely together.

You can view, comment on, or merge this pull request online at:

https://github.com/BTBurke/caddy-jwt/pull/13

Commit Summary

Added redirect option for simple login flows. File Changes

M README.md (4) M config.go (7) M config_test.go (16) M jwt.go (22) M jwt_test.go (33) Patch Links:

https://github.com/BTBurke/caddy-jwt/pull/13.patch https://github.com/BTBurke/caddy-jwt/pull/13.diff — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

smancke commented 7 years ago

Happy Thanksgiving! No need to rush :)

I already checked the caddy commands before implementing this, but didn't found a solution:

smancke commented 7 years ago

Hi Bryan, is there any chance to get this in?

BTBurke commented 7 years ago

I'm going to put this in. I'm moving internationally right now so haven't had time to mess with it.

On Dec 28, 2016, at 8:14 PM, Sebastian Mancke notifications@github.com wrote:

Hi Bryan, is there any change to get this in?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

smancke commented 7 years ago

ok, cool!

ghost commented 5 years ago

This works really well. I'd like to suggest an extension allowing to specify a different redirection URI for cases when the token is absent/invalid/expired (meaning you have to go through the login flow) and when it's rejected by the allow/deny authorization rules (meaning the flow would typically stop here with an access denied message).

The distinction is made in the return codes, so it would make sense to consider it also in the redirects.

It seems doable but unfortunately I'm not familiar enough with Go to submit a PR... Is this something you could consider implementing?