Open Pr0mises opened 2 weeks ago
paulzakin
commented
2 weeks ago Hey!
I am pretty swamped right now, so I will not be implementing any additional authentication protocols myself right now. Happy to accept PRs though!
If you are technically inclined and do want to take a look, the authentication server is a really basic Node.js (Express.js) server in one file: https://github.com/successible/cleanslate/blob/main/src/server.ts
paulzakin
commented
2 weeks ago It is also possible this is a very easy lift with a Node library and it will not take me very long, and thus I will do it. I’m just not sure! So any information you can provide here would be very useful for orienting myself to this task.
Pr0mises
commented
2 weeks ago Thank you for your answer. I haven't done much with js and ts but I'll do some research and check some examples to at least provide information.
I already found express oauth/openid modules, so it should be rather easy
Edit: Link: https://github.com/auth0/express-openid-connect
paulzakin
commented
2 weeks ago Ok, I looked at that link. It is a good first step! However, the documentation for that is a bit sparse - what I need most is Authentik/Authelia integration guidelines, as that library heavily features Auth0
Pr0mises
commented
2 weeks ago The integration for auth0, authentik, authelia, keycloak etc should be the same. All need a generic OAuth2 or an Open ID connect. I gonna try to implement something, looks pretty simple. Maybe it's even possible to use the existing JWT for it
paulzakin
commented
2 weeks ago Go for it!
Hey, thank you for this awesome project.
Would it be possible to add OAuth/OpenID or header authentication support so people could e.g. use their existing Authentik instance for user handling? I think that would a reasonable approach as Authentik/Authelia etc is getting pretty popular and people (like me), just want to use selfhosted applications and not depend on google.
Also I'm actually not really happy with the current authentication approach using firebase (meh google) and using one token. I'd like to have another decoupled security layer (Authentik + 2FA) infront of my public applications without authenticate twice.
Again thank you for this awesome project, keep it going.