Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth Login #409

Open
deadda7a opened this issue Dec 5, 2023 · 4 comments
Open

OAuth Login #409

deadda7a opened this issue Dec 5, 2023 · 4 comments

Comments

@deadda7a
Copy link

deadda7a commented Dec 5, 2023

Hey,

I'm not sure if this is really an issue or I'm not seeing something obvious. My docspell instance has OAuth as the only way to login, hence the users are not "local" users and don't have a password. So I have the same problem with both the API and DSC: I can't login, since I can't give a password. And also not a session token, because I would need to login to get one.

I've also read through the source code a bit, but didn't get far.
Any help would be appreciated :)

Sebastian Elisa
@eikek
Copy link
Member

eikek commented Dec 6, 2023

Oh, I'm afraid this is not implemented :/ Currently you'd need to login via web and extract the session token.

@deadda7a
Copy link
Author

deadda7a commented Dec 6, 2023

Thanks for the info it at least brings me the peace of mind it's not me! I've a feature request... :)

Is there a way to increase the validity of the session token? I was doing that, but at the moment it is only 30sec (?) which is not enough to do anything, and I'm sometimes even to slow to extract it from the developer console in the browser and copy it to my Terminal.

@eikek
Copy link
Member

eikek commented Dec 6, 2023

No it's not you :) Doing this openid stuff is a bit of a hassle to implement, but that should absolutely be done at some point.

You can for now extends the session token validity in the config file, look for session-valid (it is default 5 minutes). But don't set it too high, there is currently this bug eikek/docspell#2309 waiting to get triggered :) You can get a new token using a valid one by POSTing to /sec/auth/session. Then I think you should be able to get dsc into its "authenticated state": just manually create the file that it would create on login. It is at ~/.config/dsc/dsc-token.json and looks like this:

 {
  "collective": "<your collective>",
  "user": "<your user>",
  "success": true,
  "message": "Login successful",
  "require_second_factor": false,
  "token": "<the token>",
  "valid_ms": 300000
}

Then dsc should get a new token automatically once this one is close to expire (obviously, adopt as necessary).

@deadda7a
Copy link
Author

deadda7a commented Dec 6, 2023

I can imagine :(

Oh is it 5min? Mine started to invalidate very fast, although I'm not sure if I didn't set it lower in the config and I can't check at the moment-

Anyway thanks for the idea, I'll try that!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@eikek @deadda7a