使用社交身份验证限制访问静态网站的最简单方法是什么 [英] What is the simplest way to restrict access to a static website using social auth

问题描述

我有一个由 html/css/javascript 文件组成的静态网站.该网站是自动生成的，并且经常更新.

我希望用户使用 Google Sign-in/openID Connect 进行身份验证，而不是使用用户名/密码(基本身份验证)授权访问该网站，然后通过 Gmail 地址白名单控制访问.

最简单的设置方法是什么?

解决方案

我最终使用了 oauth2_proxy正是我要找的.

我配置为执行以下操作:

• oauth2_proxy 监听 0.0.0.0:443
• 当用户连接时，将启动 Google 登录流程
• 登录后，它会根据白名单验证用户的电子邮件地址
• 验证成功后，oauth2_proxy 将请求代理到侦听 127.0.0.1:8080 的上游 nginx 服务器

I have a static website composed of html/css/javascript files. The website is automatically generated and updated frequently.

Instead of authorizing access to the website with a username/password (basic auth), I would like to have users authenticate using Google Sign-in/openID Connect, and then control access via a whitelist of gmail addresses.

What is the simplest way to set this up?

解决方案

I ended up using oauth2_proxy which is exactly what I was looking for.

I configured to do the following:

• oauth2_proxy listens on 0.0.0.0:443
• When a user connects, the Google sign-in flow is initiated
• After sign-in, it validates the user's email address against a whitelist
• After successful validation, oauth2_proxy proxies the request to an upstream nginx server listening on 127.0.0.1:8080

这篇关于使用社交身份验证限制访问静态网站的最简单方法是什么的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！