qvest-digital / loginsrv

JWT login microservice with pluggable backends such as OAuth2, Google, GitHub, htpasswd, osiam, ...
MIT License

Redirect if user is unauthorized #140

Closed adrianmihalko closed 5 years ago

adrianmihalko commented 5 years ago

I followed this great guide about Caddy & OAuth2 authentication and I have one question:

"Now, when you browse to https://auth.int.domain.tld, you will be able to log in using your Google account. Note that anyone will be able to log in here, but not everyone will have access to the protected services. We will limit service access to specific email addresses in the following section."

Is it possible to log out and redirect unauthorized users to the login page? At this moment everybody can log in, but only authorized users are redirected. It would be great to log out unauthorised users & redirect to the login page.

Best regards, Adrian

g-w commented 5 years ago

Hello @adrianmihalko,

in general the solution is to remove the JWT token from the user's cookie and redirect him to the login page. But I think this cannot be achieved with the caddy http.jwt plugin.

Since it is no problem that a user is authenticated as long as your authorization is correct and denies access to your services to unwanted users, you should consider giving some information to the user on the profile page. You can find some information on how to do this here:

https://github.com/tarent/loginsrv#templating

The section in the template that you have to change is this:

https://github.com/tarent/loginsrv/blob/master/login/login_form.go#L54

I will close this issue for now. If you want to suggest (or better, implement) a feature that improves this behavior, reopen this issue!
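The reply above describes the general fix (drop the JWT cookie and send the user back to the login page) but notes that the caddy http.jwt plugin cannot do it. The following is an added example of that behaviour as a small Go middleware placed in front of a protected service; it is not loginsrv's code, not the caddy plugin's code, and not part of this issue thread. It assumes: a cookie named `jwt_token` (check your own cookie setting), a login page at `/login`, an HS256/HS512 secret shared with the login service, and a constructed allow-list of e-mail addresses standing in for the guide's "specific email addresses" step. The functions `verifyHS`, `signHS256`, `logoutAndRedirect` and `RequireAuthorized` are hypothetical names chosen for this example. Only the standard library is used, so the JWT check is written out by hand rather than via a JWT library.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/base64"
	"encoding/json"
	"errors"
	"hash"
	"net/http"
	"strings"
	"time"
)

// All names here are hypothetical; this is not loginsrv's or the caddy http.jwt plugin's API.
const cookieName = "jwt_token" // assumed cookie name; match your loginsrv cookie setting
const loginPath = "/login"     // assumed path of the login page

// Constructed allow-list standing in for the "specific email addresses" step of the guide.
var allowedEmails = map[string]bool{"alice@example.com": true}

// Only HMAC algorithms are accepted; "none" and asymmetric algs are rejected, never reinterpreted.
var hmacAlgs = map[string]func() hash.Hash{"HS256": sha256.New, "HS512": sha512.New}

type claims struct {
	Email string `json:"email"`
	Exp   int64  `json:"exp"`
}

// verifyHS checks signature and expiry of a compact JWT and returns its claims.
func verifyHS(token string, secret []byte, now time.Time) (*claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	dec := base64.RawURLEncoding.DecodeString
	hdrJSON, err1 := dec(parts[0])
	payload, err2 := dec(parts[1])
	sig, err3 := dec(parts[2])
	if err1 != nil || err2 != nil || err3 != nil {
		return nil, errors.New("bad base64 segment")
	}
	var hdr struct{ Alg string `json:"alg"` }
	if err := json.Unmarshal(hdrJSON, &hdr); err != nil {
		return nil, err
	}
	newHash, ok := hmacAlgs[hdr.Alg]
	if !ok {
		return nil, errors.New("unsupported alg: " + hdr.Alg)
	}
	mac := hmac.New(newHash, secret)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	if !hmac.Equal(mac.Sum(nil), sig) { // constant-time comparison
		return nil, errors.New("bad signature")
	}
	var c claims
	if err := json.Unmarshal(payload, &c); err != nil {
		return nil, err
	}
	if c.Exp != 0 && !now.Before(time.Unix(c.Exp, 0)) {
		return nil, errors.New("token expired")
	}
	return &c, nil
}

// signHS256 issues a token the way a login service would; used to build sample input.
func signHS256(c claims, secret []byte) string {
	hdr := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`))
	body, _ := json.Marshal(c)
	signingInput := hdr + "." + base64.RawURLEncoding.EncodeToString(body)
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(signingInput))
	return signingInput + "." + base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
}

// logoutAndRedirect is the step the reply describes: expire the JWT cookie, then send the browser to the login page.
func logoutAndRedirect(w http.ResponseWriter, r *http.Request) {
	http.SetCookie(w, &http.Cookie{Name: cookieName, Value: "", Path: "/", MaxAge: -1, HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode})
	http.Redirect(w, r, loginPath+"?error=unauthorized", http.StatusSeeOther)
}

// RequireAuthorized guards a handler: a valid token whose email is on the
// allow-list passes; anything else (missing, forged, expired, unlisted) is logged out and redirected.
func RequireAuthorized(secret []byte, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		ck, err := r.Cookie(cookieName)
		var c *claims
		if err == nil {
			c, err = verifyHS(ck.Value, secret, time.Now())
		}
		if err != nil || !allowedEmails[c.Email] {
			logoutAndRedirect(w, r)
			return
		}
		next.ServeHTTP(w, r)
	})
}
```

Wrap a protected handler with `RequireAuthorized(secret, handler)` and register it on the route to guard. Two design points: the clearing cookie carries the same `Path`, `HttpOnly` and `Secure` attributes as the session cookie so the browser actually replaces it, and the verifier looks the `alg` header up in a fixed HMAC allow-list so a token claiming `none` or an RSA algorithm is refused rather than checked against the shared secret.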