Projects onedev server Issues #960
#960  External authentication database
andrzej opened 1 month ago

We would like to integrate onedev with other apps used by us. To do that we would like to use a separate database for authentication. This database would store credentials to authenticate users which would be used by our other apps. We would like to store passwords in PBKDF2 format in that database. Is that somehow possible? or could it be possible?

Artur commented 1 month ago

@robin we can offer sponsorship for the development of this feature.

The authentication DB would be shared between a few apps, so user can login to each app using the same login credentials.

Ideally, we would like to have something similar to what we have in Tigase. That is we can point the 1dev or Tigase to a DB for user authentication only. We normally use stored procedures with auth information as arguments for authentication which just return a null if authentication fails or user_id if authentication is successful.

Here is an example stored procedure we use for Tigase:

It would be very convenient to us to have something similar for 1dev.

Robin Shen commented 1 month ago

Using separate auth database in OneDev will complicate things. If you have a central auth database, why not develop an authentication app providing OAuth authentication service using this database, then OneDev and any other third party apps can be configured to authenticated via this authentication service.

Artur commented 1 month ago

Hm, this is an approach I did not think about. What do you think @andrzej? Is it an option for us?

jbauer commented 1 month ago

Yeah really sounds like you want an identity provider and provider OAuth 2 / OpenID functionality.

Out of my head I would explore Keycloak or Ory Hydra (and all the other Ory components they provide):

Keycloak is a full solution while Ory Hydra can be used to build a custom solution.

Robin Shen changed state to 'Closed' 1 month ago
Previous Value Current Value
issue 1 of 1
Support Request
Issue Votes (0)
Watchers (5)
issue onedev/server#960
Please wait...
Page is in error, reload to recover