mirror
/
wg-easy
mirror of https://github.com/wg-easy/wg-easy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

move docs to own page

dev-oauth
Bernd Storath 1 week ago
parent
eade34a495
commit
35fe838e88
2 changed files with 50 additions and 22 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 50
      docs/content/advanced/config/external-authentication.md
  2. 22
      docs/content/advanced/config/optional-config.md

50
docs/content/advanced/config/external-authentication.md
View File

@ -0,0 +1,50 @@
---
title: External Authentication
---
## OAuth
### Providers
To enable OAuth set the env var `OAUTH_PROVIDERS` to any of the following providers:
| Provider | Value |
| ----------------- | -------- |
| [Google](#google) | `google` |
| [GitHub](#github) | `github` |
You can enable multiple providers by separating them with a comma:
e.g. `google,github`
### Google
<!-- TODO support allowed domain -->
| Env | Required | Example | Description |
| ----------------------------- | -------- | -------------------------------- | ----------------------------------------- |
| `OAUTH_GOOGLE_CLIENT_ID` | ✔️ | `123.apps.googleusercontent.com` | Google Client ID |
| `OAUTH_GOOGLE_CLIENT_SECRET` | ✔️ | `GOCSPX-xxx` | Google Client Secret |
| `OAUTH_GOOGLE_ALLOWED_DOMAIN` | ✖️ | `example.com` | Restrict login to a specific email domain |
#### Setup
1. Go to [Google Cloud Console](https://console.cloud.google.com/apis/credentials)
2. Create an OAuth 2.0 Client ID (Web application)
3. Add Authorized redirect URI: `https://<your-domain>/api/auth/google/callback`
4. Copy the Client ID and Client Secret to the environment variables
### GitHub
| Env | Required | Example | Description |
| ---------------------------- | -------- | ------- | -------------------- |
| `OAUTH_GITHUB_CLIENT_ID` | ✔️ | `xxx` | GitHub Client ID |
| `OAUTH_GITHUB_CLIENT_SECRET` | ✔️ | `xxx` | GitHub Client Secret |
### Generic OIDC
TODO
### Generic OAuth
TODO

22
docs/content/advanced/config/optional-config.md
View File

@ -21,25 +21,3 @@ You will however still see a IPv6 address in the Web UI, but it won't be used.
This option can be removed in the future, as more devices support IPv6.
///
## Google OAuth
You can enable Google OAuth login alongside classic username/password authentication. When enabled, a "Sign in with Google" button appears on the login page.
| Env | Default | Example | Description |
| ----------------------------- | ------- | -------------------------------- | ----------------------------------------- |
| `OAUTH_GOOGLE_ENABLED` | `false` | `true` | Enable Google OAuth login |
| `OAUTH_GOOGLE_CLIENT_ID` | - | `123.apps.googleusercontent.com` | Google OAuth 2.0 Client ID |
| `OAUTH_GOOGLE_CLIENT_SECRET` | - | `GOCSPX-xxx` | Google OAuth 2.0 Client Secret |
| `OAUTH_GOOGLE_ALLOWED_DOMAIN` | - | `example.com` | Restrict login to a specific email domain |
/// note | Google Cloud Console Setup
1. Go to [Google Cloud Console](https://console.cloud.google.com/apis/credentials)
2. Create an OAuth 2.0 Client ID (Web application)
3. Add Authorized redirect URI: `https://<your-domain>/api/auth/google/callback`
4. Copy the Client ID and Client Secret to the environment variables
If a user logs in with Google and their email matches an existing account, the accounts are automatically linked.
///

Write Preview
Loading…
Cancel
Save