Google Sign In for Surfer
-
Does adding https://developers.google.com/identity/sign-in/web (Add Google Sign-In to Your Web App) using Javascript sound like a good idea to have a google sign in protected website on surfer?
Is there any other way to add a google oauth to a static pages hosted on surfer?
-
@senthilkumaran are you asking how to make a static web site which uses Google Sign-in ?
I think OAuth always requires a server side component for verification/authorization, but @nebulon knows better.
-
I have to give that snippet a try. OAuth is not always the same and I am not sure what google does here nowadays. Just looking at the example without actually trying, it appears that the client/website obtains an access token with the user's profile. So I think this might just work like this. However since there is no session or active code on the server side to deal with this, all content protection logic has to be done on the client side, which I am then not sure what the benefit of it will be.
-
@girish said in Google Sign In for Surfer:
are you asking how to make a static web site which uses Google Sign-in ?
Yes, I was looking for that.
@nebulon said in Google Sign In for Surfer:
However since there is no session or active code on the server side to deal with this, all content protection logic has to be done on the client side, which I am then not sure what the benefit of it will be.
Yes, I wondered about this too. I didn't know how the client side library will authenticate if I can have direct link to a different path.
@nebulade - on this topic - surfer has password, and ACL authentication. What does it take to add an OAuth authentication to surfer? Is it possible? Is it desirable / or in roadmap? Your thoughts please.
-
@senthilkumaran to be honest I don't think adding further auth providers is something I am planning to do. The aim for Surfer is to be a quite slim static asset server. The current auth which is there was just trivial to add, since there was already the user-interface which was Cloudron auth enabled.
-
@nebulon said in Google Sign In for Surfer:
The aim for Surfer is to be a quite slim static asset server. The current auth which is there was just trivial to add, since there was already the user-interface which was Cloudron auth enabled.
Thank you for this explanation.
I enjoy using it, and it filled in my need for static sites. I previously I used Github pages or Neltify.
Both had limitations and extra management that I avoid with surfer.
A different topic, but one feedback I had with surfer design was, I had to adop token based upload, with managing multiple sites from a single local computer. The global credential was security risk, when one of my site was private.
-
@senthilkumaran not sure if this helps in your case, but I guess you are using the surfer cli to upload and that does support
--tokenand--serverdirectly, so you could write small shell scripts for each site to avoid the risk of uploading to the wrong instance. -
@nebulon said in Google Sign In for Surfer:
so you could write small shell scripts for each site to avoid the risk of uploading to the wrong instance.
Yes, I do the same.
Thank you.
