-
-
Notifications
You must be signed in to change notification settings - Fork 162
Add OIDC authentication support #351
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
anujc4
wants to merge
10
commits into
dullage:develop
Choose a base branch
from
anujc4:add_oidc_support
base: develop
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+1,029
−681
Open
Changes from all commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
6259362
feat(deps): add authlib, httpx and itsdangerous for OIDC support
da0acb4
feat(auth): add OIDC methods to base auth class
f4827e2
feat(auth): add OIDC authentication provider
560ac76
feat(config): add OIDC auth type and config options
9561a6d
feat(api): add OIDC routes and session middleware
b256ffc
feat(ui): add OIDC auth type constant
1fac007
feat(ui): add OIDC login button and auto-redirect
ff1f365
feat(ui): handle OIDC redirect in API error handler
20a5cd4
docs: add OIDC authentication setup example
c2d9b94
chore(deps): update package-lock.json
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,123 +1,163 @@ | ||
| <p align="center"> | ||
| <img src="docs/logo.svg" width="300px"></img> | ||
| </p> | ||
| <p align="center"> | ||
| <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/dullage/flatnotes?style=for-the-badge"> | ||
| </p> | ||
|
|
||
| A self-hosted, database-less note-taking web app that utilises a flat folder of markdown files for storage. | ||
|
|
||
| Log into the [demo site](https://demo.flatnotes.io) and take a look around. *Note: This site resets every 15 minutes.* | ||
|
|
||
| ## Contents | ||
|
|
||
| * [Design Principle](#design-principle) | ||
| * [Features](#features) | ||
| * [Getting Started](#getting-started) | ||
| * [Hosted](#hosted) | ||
| * [Self Hosted](#self-hosted) | ||
| * [Roadmap](#roadmap) | ||
| * [Contributing](#contributing) | ||
| * [Sponsorship](#sponsorship) | ||
| * [Thanks](#thanks) | ||
|
|
||
| ## Design Principle | ||
|
|
||
| flatnotes is designed to be a distraction-free note-taking app that puts your note content first. This means: | ||
|
|
||
| * A clean and simple user interface. | ||
| * No folders, notebooks or anything like that. Just all of your notes, backed by powerful search and tagging functionality. | ||
| * Quick access to a full-text search from anywhere in the app (keyboard shortcut "/"). | ||
|
|
||
| Another key design principle is not to take your notes hostage. Your notes are just markdown files. There's no database, proprietary formatting, complicated folder structures or anything like that. You're free at any point to just move the files elsewhere and use another app. | ||
|
|
||
| Equally, the only thing flatnotes caches is the search index and that's incrementally synced on every search (and when flatnotes first starts). This means that you're free to add, edit & delete the markdown files outside of flatnotes even whilst flatnotes is running. | ||
|
|
||
| ## Features | ||
|
|
||
| * Mobile responsive web interface. | ||
| * Raw/WYSIWYG markdown editor modes. | ||
| * Advanced search functionality. | ||
| * Note "tagging" functionality. | ||
| * Customisable home page. | ||
| * Wikilink support to easily link to other notes (`[[My Other Note]]`). | ||
| * Light/dark themes. | ||
| * Multiple authentication options (none, read-only, username/password, 2FA). | ||
| * Restful API. | ||
|
|
||
| See [the wiki](https://github.com/dullage/flatnotes/wiki) for more details. | ||
|
|
||
| ## Getting Started | ||
|
|
||
| ### Hosted | ||
|
|
||
| A quick and easy way to get started with flatnotes is to host it on PikaPods. Just click the button below and follow the instructions. | ||
|
|
||
| [](https://www.pikapods.com/pods?run=flatnotes) | ||
|
|
||
|
|
||
| ### Self Hosted | ||
|
|
||
| If you'd prefer to host flatnotes yourself then the recommendation is to use Docker. | ||
|
|
||
| ### Example Docker Run Command | ||
|
|
||
| ```shell | ||
| docker run -d \ | ||
| -e "PUID=1000" \ | ||
| -e "PGID=1000" \ | ||
| -e "FLATNOTES_AUTH_TYPE=password" \ | ||
| -e "FLATNOTES_USERNAME=user" \ | ||
| -e 'FLATNOTES_PASSWORD=changeMe!' \ | ||
| -e "FLATNOTES_SECRET_KEY=aLongRandomSeriesOfCharacters" \ | ||
| -v "$(pwd)/data:/data" \ | ||
| -p "8080:8080" \ | ||
| dullage/flatnotes:latest | ||
| ``` | ||
|
|
||
| ### Example Docker Compose | ||
| ```yaml | ||
| version: "3" | ||
|
|
||
| services: | ||
| flatnotes: | ||
| container_name: flatnotes | ||
| image: dullage/flatnotes:latest | ||
| environment: | ||
| PUID: 1000 | ||
| PGID: 1000 | ||
| FLATNOTES_AUTH_TYPE: "password" | ||
| FLATNOTES_USERNAME: "user" | ||
| FLATNOTES_PASSWORD: "changeMe!" | ||
| FLATNOTES_SECRET_KEY: "aLongRandomSeriesOfCharacters" | ||
| volumes: | ||
| - "./data:/data" | ||
| # Optional. Allows you to save the search index in a different location: | ||
| # - "./index:/data/.flatnotes" | ||
| ports: | ||
| - "8080:8080" | ||
| restart: unless-stopped | ||
| ``` | ||
|
|
||
| See the [Environment Variables](https://github.com/dullage/flatnotes/wiki/Environment-Variables) article in the wiki for a full list of configuration options. | ||
|
|
||
| ## Roadmap | ||
|
|
||
| I want to keep flatnotes as simple and distraction-free as possible which means limiting new features. This said, I welcome feedback and suggestions. | ||
|
|
||
| ## Contributing | ||
|
|
||
| If you're interested in contributing to flatnotes, then please read the [CONTRIBUTING.md](CONTRIBUTING.md) file. | ||
|
|
||
| ## Sponsorship | ||
|
|
||
| If you find this project useful, please consider buying me a beer. It would genuinely make my day. | ||
|
|
||
| [](https://github.com/sponsors/Dullage) | ||
|
|
||
| ## Thanks | ||
|
|
||
| A special thanks to 2 fantastic open-source projects that make flatnotes possible. | ||
|
|
||
| * [Whoosh](https://whoosh.readthedocs.io/en/latest/intro.html) - A fast, pure Python search engine library. | ||
| * [TOAST UI Editor](https://ui.toast.com/tui-editor) - A GFM Markdown and WYSIWYG editor for the browser. | ||
| <p align="center"> | ||
| <img src="docs/logo.svg" width="300px"></img> | ||
| </p> | ||
| <p align="center"> | ||
| <img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/dullage/flatnotes?style=for-the-badge"> | ||
| </p> | ||
|
|
||
| A self-hosted, database-less note-taking web app that utilises a flat folder of markdown files for storage. | ||
|
|
||
| Log into the [demo site](https://demo.flatnotes.io) and take a look around. _Note: This site resets every 15 minutes._ | ||
|
|
||
| ## Contents | ||
|
|
||
| - [Contents](#contents) | ||
| - [Design Principle](#design-principle) | ||
| - [Features](#features) | ||
| - [Getting Started](#getting-started) | ||
| - [Hosted](#hosted) | ||
| - [Self Hosted](#self-hosted) | ||
| - [Example Docker Run Command](#example-docker-run-command) | ||
| - [Example Docker Compose](#example-docker-compose) | ||
| - [Example Docker Compose with OIDC](#example-docker-compose-with-oidc) | ||
| - [Roadmap](#roadmap) | ||
| - [Contributing](#contributing) | ||
| - [Sponsorship](#sponsorship) | ||
| - [Thanks](#thanks) | ||
|
|
||
| ## Design Principle | ||
|
|
||
| flatnotes is designed to be a distraction-free note-taking app that puts your note content first. This means: | ||
|
|
||
| - A clean and simple user interface. | ||
| - No folders, notebooks or anything like that. Just all of your notes, backed by powerful search and tagging functionality. | ||
| - Quick access to a full-text search from anywhere in the app (keyboard shortcut "/"). | ||
|
|
||
| Another key design principle is not to take your notes hostage. Your notes are just markdown files. There's no database, proprietary formatting, complicated folder structures or anything like that. You're free at any point to just move the files elsewhere and use another app. | ||
|
|
||
| Equally, the only thing flatnotes caches is the search index and that's incrementally synced on every search (and when flatnotes first starts). This means that you're free to add, edit & delete the markdown files outside of flatnotes even whilst flatnotes is running. | ||
|
|
||
| ## Features | ||
|
|
||
| - Mobile responsive web interface. | ||
| - Raw/WYSIWYG markdown editor modes. | ||
| - Advanced search functionality. | ||
| - Note "tagging" functionality. | ||
| - Customisable home page. | ||
| - Wikilink support to easily link to other notes (`[[My Other Note]]`). | ||
| - Light/dark themes. | ||
| - Multiple authentication options (none, read-only, username/password, 2FA). | ||
| - Restful API. | ||
|
|
||
| See [the wiki](https://github.com/dullage/flatnotes/wiki) for more details. | ||
|
|
||
| ## Getting Started | ||
|
|
||
| ### Hosted | ||
|
|
||
| A quick and easy way to get started with flatnotes is to host it on PikaPods. Just click the button below and follow the instructions. | ||
|
|
||
| [](https://www.pikapods.com/pods?run=flatnotes) | ||
|
|
||
| ### Self Hosted | ||
|
|
||
| If you'd prefer to host flatnotes yourself then the recommendation is to use Docker. | ||
|
|
||
| ### Example Docker Run Command | ||
|
|
||
| ```shell | ||
| docker run -d \ | ||
| -e "PUID=1000" \ | ||
| -e "PGID=1000" \ | ||
| -e "FLATNOTES_AUTH_TYPE=password" \ | ||
| -e "FLATNOTES_USERNAME=user" \ | ||
| -e 'FLATNOTES_PASSWORD=changeMe!' \ | ||
| -e "FLATNOTES_SECRET_KEY=aLongRandomSeriesOfCharacters" \ | ||
| -v "$(pwd)/data:/data" \ | ||
| -p "8080:8080" \ | ||
| dullage/flatnotes:latest | ||
| ``` | ||
|
|
||
| ### Example Docker Compose | ||
|
|
||
| ```yaml | ||
| version: "3" | ||
|
|
||
| services: | ||
| flatnotes: | ||
| container_name: flatnotes | ||
| image: dullage/flatnotes:latest | ||
| environment: | ||
| PUID: 1000 | ||
| PGID: 1000 | ||
| FLATNOTES_AUTH_TYPE: "password" | ||
| FLATNOTES_USERNAME: "user" | ||
| FLATNOTES_PASSWORD: "changeMe!" | ||
| FLATNOTES_SECRET_KEY: "aLongRandomSeriesOfCharacters" | ||
| volumes: | ||
| - "./data:/data" | ||
| # Optional. Allows you to save the search index in a different location: | ||
| # - "./index:/data/.flatnotes" | ||
| ports: | ||
| - "8080:8080" | ||
| restart: unless-stopped | ||
| ``` | ||
|
|
||
| See the [Environment Variables](https://github.com/dullage/flatnotes/wiki/Environment-Variables) article in the wiki for a full list of configuration options. | ||
|
|
||
| ### Example Docker Compose with OIDC | ||
|
|
||
| When configuring your OIDC provider, set the callback/redirect URL to: | ||
|
|
||
| ``` | ||
| https://your-flatnotes-domain.com/api/auth/oidc/callback | ||
| ``` | ||
|
|
||
| ```yaml | ||
| version: "3" | ||
|
|
||
| services: | ||
| flatnotes: | ||
| container_name: flatnotes | ||
| image: dullage/flatnotes:latest | ||
| environment: | ||
| PUID: 1000 | ||
| PGID: 1000 | ||
| FLATNOTES_AUTH_TYPE: "oidc" | ||
| FLATNOTES_OIDC_PROVIDER_URL: "https://accounts.google.com" | ||
| FLATNOTES_OIDC_CLIENT_ID: "your-client-id.apps.googleusercontent.com" | ||
| FLATNOTES_OIDC_CLIENT_SECRET: "your-client-secret" | ||
| FLATNOTES_SECRET_KEY: "aLongRandomSeriesOfCharacters" | ||
| # Optional: restrict access to specific users | ||
| # FLATNOTES_OIDC_ALLOWED_USERS: "user1@gmail.com,user2@gmail.com" | ||
| # Optional: display name for the OIDC provider (default: "OIDC") | ||
| # FLATNOTES_OIDC_PROVIDER_NAME: "Google" | ||
| # Optional: automatically redirect to OIDC login (default: false) | ||
| # FLATNOTES_OIDC_AUTO_REDIRECT: "true" | ||
| volumes: | ||
| - "./data:/data" | ||
| ports: | ||
| - "8080:8080" | ||
| restart: unless-stopped | ||
| ``` | ||
|
|
||
| ## Roadmap | ||
|
|
||
| I want to keep flatnotes as simple and distraction-free as possible which means limiting new features. This said, I welcome feedback and suggestions. | ||
|
|
||
| ## Contributing | ||
|
|
||
| If you're interested in contributing to flatnotes, then please read the [CONTRIBUTING.md](CONTRIBUTING.md) file. | ||
|
|
||
| ## Sponsorship | ||
|
|
||
| If you find this project useful, please consider buying me a beer. It would genuinely make my day. | ||
|
|
||
| [](https://github.com/sponsors/Dullage) | ||
|
|
||
| ## Thanks | ||
|
|
||
| A special thanks to 2 fantastic open-source projects that make flatnotes possible. | ||
|
|
||
| - [Whoosh](https://whoosh.readthedocs.io/en/latest/intro.html) - A fast, pure Python search engine library. | ||
| - [TOAST UI Editor](https://ui.toast.com/tui-editor) - A GFM Markdown and WYSIWYG editor for the browser. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -17,4 +17,5 @@ export const authTypes = { | |
| readOnly: "read_only", | ||
| password: "password", | ||
| totp: "totp", | ||
| oidc: "oidc", | ||
| }; | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this was my editor trying to be clever and formatted the markdown file, happy to revert back and just add my changes in.