Refine user header code

binwiederhier 2023-07-09 21:17:34 -04:00
parent 6a93dc9d54
commit 7126af6d7c
4 changed files with 67 additions and 9 deletions


@ -95,6 +95,20 @@
# auth-default-access: "read-write"
# auth-startup-queries:
# If set, the value of the defined header will be used as an authenticated user (DANGER DANGER!).
#
# For instance, if "auth-user-header: X-Forwarded-User", a request from a client (or reverse proxy)
# with the header "X-Forwarded-User: myuser" would be authenticated as the user "myuser" without any
# further password checking.
#
# This is useful to integrate ntfy with other authentication systems such as Authelia,
# or Keycloak. This setting can only be set if "behind-proxy" is also set.
#
# WARNING: Be sure that your proxy or auth system manages the defined header, and that attackers
# cannot just pass it manually. Otherwise, they can impersonate any user!
#
# auth-user-header:
# If set, the X-Forwarded-For header is used to determine the visitor IP address
# instead of the remote address of the connection.
#
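Review bot: The WARNING at the end of the new auth-user-header comment says the proxy must "manage" the header, which is too vague for a setting that skips password checking entirely. Suggest spelling out the two conditions an operator has to meet: the proxy strips or overwrites any client-supplied copy of the configured header on every incoming request, and ntfy is reachable only through that proxy and never directly. The sentence "This setting can only be set if "behind-proxy" is also set" may read as if that requirement provides the protection. It would help to say that it does not, and that behind-proxy only states the deployment assumption. The block also refers to "behind-proxy" before the option is described (the X-Forwarded-For text follows it), so consider moving auth-user-header below that entry or pointing to it. Minor: drop the stray comma in "such as Authelia, or Keycloak".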