Open bluecraank opened 10 months ago
You're definitely not wrong. Just dont really want people exposing the admin portal anywhere regardless, I tend to use it over an SSH forward
I think what Im going to do for this is just use an OIDC provider to log in instead of implementing 2fa myself. It makes it a bit easier on me.
I have now added an oidc provider to the admin page which can be configured via the management ui json setting:
ManagementUI struct {
usualWeb
Enabled bool
Debug bool
OIDC struct {
AdminDomainURL string
IssuerURL string
ClientSecret string
ClientID string
Enabled bool
} `json:",omitempty"`
} `json:",omitempty"`
Still needs so work in terms of, adding the oidc admin to the admin users list. And potentially if people want, restrictions.
Sweet all that minus the restrictions are done. If people want this to be part of a groups claim or whatnot add it to this issue. Otherwise this feature is now completed
There should be a option to enable 2fa for admin portal