使用社交身份验证限制访问静态网站的最简单方法是什么 [英] What is the simplest way to restrict access to a static website using social auth

问题描述

我有一个由html / css / javascript文件组成的静态网站。该网站是自动生成和经常更新的。

I have a static website composed of html/css/javascript files. The website is automatically generated and updated frequently.

我不想让用户使用用户名/密码（基本身份验证）访问网站，而是希望用户使用Google进行身份验证登录/ openID，然后通过gmail地址白名单控制访问。

Instead of authorizing access to the website with a username/password (basic auth), I would like to have users authenticate using Google Sign-in/openID Connect, and then control access via a whitelist of gmail addresses.

最简单的设置方法是什么？

What is the simplest way to set this up?

推荐答案

我最终使用了 oauth2_proxy

I ended up using oauth2_proxy which is exactly what I was looking for.

我配置为执行以下操作：

I configured to do the following:

• oauth2_proxy侦听0.0.0.0:443


• 用户连接时，将启动Google登录流程


• 登录后进来，它根据白名单验证用户的电子邮件地址


• 成功验证后，oauth2_proxy将请求代理到上游nginx服务器，监听127.0.0.1:8080

• oauth2_proxy listens on 0.0.0.0:443
• When a user connects, the Google sign-in flow is initiated
• After sign-in, it validates the user's email address against a whitelist
• After successful validation, oauth2_proxy proxies the request to an upstream nginx server listening on 127.0.0.1:8080

这篇关于使用社交身份验证限制访问静态网站的最简单方法是什么的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！