top | item 40722618

(no title)

gtsteve | 1 year ago

I'd make it a pluggable middleware with a document on how to implement your own and provide a reference configuration that uses something like Vouch [0] which will redirect the user to another identity provider.

You could also provide another implementation that implements Cloudflare's zero trust authentication [1].

[0] https://github.com/vouch/vouch-proxy

[1] https://developers.cloudflare.com/cloudflare-one/identity/au...

In other words, I don't think I'd want to actually take responsibility for authentication these days and use an authenticating proxy. The less security infrastructure you have, the less there is to go out of date.

You can always start with this approach and then implement your own built-in user directory later.

discuss

No comments yet.