Comment on The first publicly open instance
mcchots@sh.itjust.works 3 weeks agoI have oidc setup in both foregejo and Audiobookshelf with authentik as the provider.
Comment on The first publicly open instance
mcchots@sh.itjust.works 3 weeks agoI have oidc setup in both foregejo and Audiobookshelf with authentik as the provider.
Noggog@programming.dev 3 weeks ago
What youre talking about is having an app refer to authentik to find out who a user is.
Internet -> audiobookshelf -> asks authentik who it is
In addition to that, you can set pangolin up so that it doesnt even hit that app in the first place at all unless the user is already signed into authentik.
Internet -> pangolin makes user log into authentik before forwarding along -> audiobookshelf -> asks authentik who it is
So if the app in question has a security vulnerability, its not a problem because no one even gets to the app at all to begin to try to exploit it unless they’ve logged into authentik first.