jk
commented
2 years ago In more general terms, OP wants LinkAce to support forward authentication. Besides authelia, there're quite a bunch projects like it:
- authentik
- keycloak
- oauth2-proxy (not fully sure if it's forward auth, but it's indeed somewhat similar)
- and even more comerical ones
In regard to the SSO issue #174 already open, I would like to add Auth-Proxys like authelia (GitHub) as an option. The requests get answered by the proxy that authenticates the user and adds X-Server headers to the request containing the username and email. The proxy then forwards the request to the application. LinkAce then only has to check for the presence of said header and check if a user with that username/email exists and automatically logs said user in.
So in summary LinkAce would have to do zero crypto/security and just skips authentication as long as the user in the header exists. If not it probably would be best to just fall back to the default authentication.