Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Discuss
  3. Automatic Login for Externally Authenticated Users

Automatic Login for Externally Authenticated Users

Scheduled Pinned Locked Moved Discuss
3 Posts 2 Posters 266 Views 2 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C Offline
    C Offline
    crazybrad
    wrote on last edited by
    #1

    Is there a way to present either a Cloudron username+password, username+temporary app password or web token in a GET or POST request
    to allow a user to log into their Cloudron account (preferred) or individually to each app?

    I have a PHP application with 2FA required to authenticate users and once they are authenticated, I would like to give them the option of navigating to their Cloudron dashboard or individual apps without a login screen. A simple use case would be presenting a navigation menu item (Email), and when the user selected this option, a new window would open {SoGo, SnappyMail or Roundcube) with the user already logged into their email account.

    Any suggestions?

    Other Considerations: Main PHP application does not have LDAP. Application and Cloudron accounts will be linked by same username. Cloudron API App Passwords (https://docs.cloudron.io/api.html#tag/App-Passwords) seems helpful (if login could be automatic), but there is no time-based expiration on app passwords like JWTs.

    1 Reply Last reply
    1
    • girishG Offline
      girishG Offline
      girish
      Staff
      wrote on last edited by
      #2

      I think to automatically login to SoGO/SnappyMail/Roundcube requires assistance from those apps. Currently, those apps use LDAP/IMAP authentication internally to auth a user. So, you have to implement an authentication scheme in those apps itself to let you login as the right user/mailbox .

      I got a few hits for roundcube + jwt + sso , so maybe you can explore those.

      1 Reply Last reply
      0
      • C Offline
        C Offline
        crazybrad
        wrote on last edited by
        #3

        @girish Thanks for the suggestion. Sounds like I will need to pursue this idea on an app by app basis, rather than signing on as a Cloudron user. If I am successful, I will share the results so that others can benefit as well.

        1 Reply Last reply
        3
        Reply
        • Reply as topic
        Log in to reply
        • Oldest to Newest
        • Newest to Oldest
        • Most Votes


        • Login

        • Don't have an account? Register

        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Bookmarks
        • Search