Implement support for authentication via Auth Proxy

Auth Proxy allows to authenticate a user using an HTTP header provided by an external authentication service. This provides a way to authenticate users in miniflux using authentication schemes not supported by miniflux itself (LDAP, non-Google OAuth2 providers, etc.) and to implement SSO for multiple applications behind single authentication service. Auth Proxy header is checked for the '/' endpoint only, as the rest are protected by the miniflux user/app sessions. Closes #534 Signed-off-by: Pavel Borzenkov <pavel.borzenkov@gmail.com>
2025-09-15 18:57:04 +00:00 · 2020-01-29 13:45:59 +03:00 · 2020-01-29 13:45:59 +03:00 · 7389c79c52
commit 7389c79c52
parent d5adf8b9f6
5 changed files with 159 additions and 1 deletions
--- a/config/parser.go
+++ b/config/parser.go
@ -158,6 +158,10 @@ func (p *Parser) parseLines(lines []string) (err error) {
 			p.opts.httpClientTimeout = parseInt(value, defaultHTTPClientTimeout)
 		case "HTTP_CLIENT_MAX_BODY_SIZE":
 			p.opts.httpClientMaxBodySize = int64(parseInt(value, defaultHTTPClientMaxBodySize) * 1024 * 1024)
+		case "AUTH_PROXY_HEADER":
+			p.opts.authProxyHeader = parseString(value, defaultAuthProxyHeader)
+		case "AUTH_PROXY_USER_CREATION":
+			p.opts.authProxyUserCreation = parseBool(value, defaultAuthProxyUserCreation)
 		}
 	}