Added user tab and oauth2, streamlined readme

2025-12-28 15:14:56 +01:00
parent f8a673cc03
commit be21f46ad5
28 changed files with 3213 additions and 245 deletions
--- a/.env.example
+++ b/.env.example
@@ -28,6 +28,34 @@ ADMIN_PASSWORD=Your-Secure-P@ssw0rd-Here!
 # Public base URL for the application
 BASE_URL=http://localhost:3000

+# =============================================================================
+# OAUTH2/OIDC AUTHENTICATION (OPTIONAL)
+# =============================================================================
+
+# OAuth2/OIDC Provider (works with Authentik, Authelia, Keycloak, etc.)
+# Enable OAuth2 authentication with any OIDC-compliant provider
+OAUTH_ENABLED=false
+OAUTH_PROVIDER_NAME=OAuth2             # Display name (e.g., "Authentik", "Keycloak")
+OAUTH_CLIENT_ID=
+OAUTH_CLIENT_SECRET=
+OAUTH_ISSUER=                          # OIDC discovery URL (e.g., https://auth.example.com/application/o/app/)
+
+# Optional: Override auto-discovered URLs (only if OIDC discovery doesn't work)
+# OAUTH_AUTHORIZATION_URL=
+# OAUTH_TOKEN_URL=
+# OAUTH_USERINFO_URL=
+
+# OAuth Settings
+OAUTH_ALLOW_AUTO_LINKING=false         # Auto-link OAuth to accounts without passwords
+
+# Example for Authentik:
+# OAUTH_ENABLED=true
+# OAUTH_PROVIDER_NAME=Authentik
+# OAUTH_CLIENT_ID=your-client-id
+# OAUTH_CLIENT_SECRET=your-client-secret
+# OAUTH_ISSUER=https://auth.example.com/application/o/caddy-proxy/
+# Redirect URI: {BASE_URL}/api/auth/callback/oauth2
+
 # =============================================================================
 # OPTIONAL: ADVANCED CONFIGURATION
 # =============================================================================