Skip to content

Commit

Permalink
📝 docs: improve docs (lobehub#1585)
Browse files Browse the repository at this point in the history
  • Loading branch information
@arvinxx
arvinxx authored Mar 15, 2024
1 parent 3979679 commit 1c75a5b
Show file tree
Hide file tree
Showing 17 changed files with 80 additions and 107 deletions.
13 changes: 6 additions & 7 deletions docs/self-hosting/advanced/authentication.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ LobeChat supports the configuration of external identity verification services f

Currently supported identity verification services include:

- [Auth0](/en/self-hosting/sso-providers/auth0)
- [Microsoft Entra ID](/en/self-hosting/sso-providers/microsoft-entra-id)
- [Auth0](/en/self-hosting/advanced/sso-providers/auth0)
- [Microsoft Entra ID](/en/self-hosting/advanced/sso-providers/microsoft-entra-id)

Click on the links to view the corresponding platform's configuration documentation.

Expand All @@ -15,14 +15,13 @@ To simultaneously enable multiple identity verification sources, please set the

The order corresponds to the display order of the SSO providers.

| SSO Provider | Value |
| --- | --- |
| Auth0 | auth0 |
| SSO Provider | Value |
| ------------------ | -------- |
| Auth0 | auth0 |
| Microsoft Entra ID | azure-ad |

## Other SSO Providers

Please refer to the [NextAuth.js][next-auth-js] documentation and feel free to submit a Pull Request.


[next-auth-js]: https://next-auth.js.org/providers
[next-auth-js]: https://next-auth.js.org/providers
13 changes: 6 additions & 7 deletions docs/self-hosting/advanced/authentication.zh-CN.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ LobeChat 支持配置外部身份验证服务,供企业 / 组织内部使用

目前支持的身份验证服务有:

- [Auth0](/zh/self-hosting/sso-providers/auth0)
- [Microsoft Entra ID](/zh/self-hosting/sso-providers/microsoft-entra-id)
- [Auth0](/zh/self-hosting/advanced/sso-providers/auth0)
- [Microsoft Entra ID](/zh/self-hosting/advanced/sso-providers/microsoft-entra-id)

点击链接可以查看对应平台的配置文档。

Expand All @@ -15,14 +15,13 @@ LobeChat 支持配置外部身份验证服务,供企业 / 组织内部使用

顺序为 SSO 提供商的显示顺序。

| SSO 提供商 ||
| --- | --- |
| Auth0 | auth0 |
| SSO 提供商 | |
| ------------------ | -------- |
| Auth0 | auth0 |
| Microsoft Entra ID | azure-ad |

## 其他 SSO 提供商

请参考 [NextAuth.js][next-auth-js] 文档,欢迎提交 Pull Request。


[next-auth-js]: https://next-auth.js.org/providers
[next-auth-js]: https://next-auth.js.org/providers
27 changes: 13 additions & 14 deletions docs/self-hosting/advanced/sso-providers/auth0.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,19 +40,18 @@ import { Callout, Steps } from 'nextra/components';

When deploying LobeChat, you need to configure the following environment variables:

| Environment Variable | Type | Description |
| --------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `ENABLE_OAUTH_SSO` | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on. |
| `NEXTAUTH_SECRET` | Required | Key used to encrypt Auth.js session tokens. You can generate a key using the following command: `openssl rand -base64 32` |
| `SSO_PROVIDERS` | Optional | Select the single sign-on provider for LoboChat. Use `auth0` for Auth0. |
| `AUTH0_CLIENT_ID` | Required | Client ID of the Auth0 application |
| `AUTH0_CLIENT_SECRET` | Required | Client Secret of the Auth0 application |
| `AUTH0_ISSUER` | Required | Domain of the Auth0 application, `https://example.auth0.com` |
| `ACCESS_CODE` | Required | Add a password to access this service. You can set a sufficiently long random password to "disable" access code authorization. |
| `NEXTAUTH_URL` | Optional | The URL is used to specify the callback address for the execution of OAuth authentication in Auth.js. It needs to be set only when the default address is incorrect. `https://example.com/api/auth` |


You can refer to the related variable details at [Environment Variables](/en/self-hosting/environment-variable#auth0).
| Environment Variable | Type | Description |
| --------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `ENABLE_OAUTH_SSO` | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on. |
| `NEXTAUTH_SECRET` | Required | Key used to encrypt Auth.js session tokens. You can generate a key using the following command: `openssl rand -base64 32` |
| `SSO_PROVIDERS` | Optional | Select the single sign-on provider for LoboChat. Use `auth0` for Auth0. |
| `AUTH0_CLIENT_ID` | Required | Client ID of the Auth0 application |
| `AUTH0_CLIENT_SECRET` | Required | Client Secret of the Auth0 application |
| `AUTH0_ISSUER` | Required | Domain of the Auth0 application, `https://example.auth0.com` |
| `ACCESS_CODE` | Required | Add a password to access this service. You can set a sufficiently long random password to "disable" access code authorization. |
| `NEXTAUTH_URL` | Optional | The URL is used to specify the callback address for the execution of OAuth authentication in Auth.js. It needs to be set only when the default address is incorrect. `https://example.com/api/auth` |

<Callout type={'info'}>You can refer to the related variable details at [📘Environment Variables](/en/self-hosting/environment-variable#auth0).</Callout>
</Steps>

<Callout>
Expand Down Expand Up @@ -89,4 +88,4 @@ If your enterprise or organization needs to support external user logins, you ca

[auth0-client-page]: https://manage.auth0.com/dashboard
[auth0-login-actions-manual]: https://auth0.com/blog/permit-or-deny-login-requests-using-auth0-actions/
[auth0-sso-integrations]: https://marketplace.auth0.com/features/sso-integrations
[auth0-sso-integrations]: https://marketplace.auth0.com/features/sso-integrations
26 changes: 13 additions & 13 deletions docs/self-hosting/advanced/sso-providers/auth0.zh-CN.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,21 +39,21 @@ import { Callout, Steps } from 'nextra/components';

在部署 LobeChat 时,你需要配置以下环境变量:

| 环境变量 | 类型 | 描述 |
| ------------------------ | ------------ | ----------------------------------------------------------------------------------------- |
| `ENABLE_OAUTH_SSO` | 必选 | 为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。 |
| `NEXTAUTH_SECRET` | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥: `openssl rand -base64 32` |
| `SSO_PROVIDERS` | 必选 | 选择 LoboChat 的单点登录提供商。使用 Auth0 请填写 `auth0`|
| `AUTH0_CLIENT_ID` | 必选 | Auth0 应用程序的 Client ID |
| `AUTH0_CLIENT_SECRET` | 必选 | Auth0 应用程序的 Client Secret |
| `AUTH0_ISSUER` | 必选 | Auth0 应用程序的 Domain,`https://example.auth0.com` |
| `ACCESS_CODE` | 必选 | 添加访问此服务的密码,你可以设置一个足够长的随机密码以 “禁用” 访问码授权 |
| `NEXTAUTH_URL` | 可选 | 该URL用于指定 Auth.js 在执行 OAuth 验证时的回调地址,当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |

前往 [环境变量](/zh/self-hosting/environment-variable#auth0) 可查阅相关变量详情。
| 环境变量 | 类型 | 描述 |
| --------------------- | -- | ------------------------------------------------------------------------------------------- |
| `ENABLE_OAUTH_SSO` | 必选 | 为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。 |
| `NEXTAUTH_SECRET` | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥: `openssl rand -base64 32` |
| `SSO_PROVIDERS` | 必选 | 选择 LoboChat 的单点登录提供商。使用 Auth0 请填写 `auth0` |
| `AUTH0_CLIENT_ID` | 必选 | Auth0 应用程序的 Client ID |
| `AUTH0_CLIENT_SECRET` | 必选 | Auth0 应用程序的 Client Secret |
| `AUTH0_ISSUER` | 必选 | Auth0 应用程序的 Domain,`https://example.auth0.com` |
| `ACCESS_CODE` | 必选 | 添加访问此服务的密码,你可以设置一个足够长的随机密码以 “禁用” 访问码授权 |
| `NEXTAUTH_URL` | 可选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址,当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |

<Callout type={'info'}> 前往 [📘 环境变量](/zh/self-hosting/environment-variable#auth0) 可查阅相关变量详情。</Callout>
</Steps>

<Callout>部署成功后,用户将可以使用 Auth0 中配置的用户通过身份认证并使用 LobeChat。</Callout>
<Callout type={'info'}>部署成功后,用户将可以使用 Auth0 中配置的用户通过身份认证并使用 LobeChat。</Callout>

## 进阶配置

Expand Down
37 changes: 16 additions & 21 deletions docs/self-hosting/advanced/sso-providers/microsoft-entra-id.mdx
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
import { Callout, Steps } from 'nextra/components';

# Configuration of Microsoft Entra ID Authentication Service

<Steps>
Expand All @@ -21,7 +19,7 @@ import { Callout, Steps } from 'nextra/components';
</Callout>

![App Register](https://github.com/lobehub/lobe-chat/assets/13883964/4f9d83bd-b3fc-4abc-bcf4-ccbad65c219d)

Click on "Register".

After successfully creating the application, click on the corresponding application to enter the application details page, and switch to the "Overview" tab to view the corresponding configuration information.
Expand All @@ -32,10 +30,7 @@ import { Callout, Steps } from 'nextra/components';

![Create App Client Secret](https://github.com/lobehub/lobe-chat/assets/13883964/c9d66fa0-158c-4bd3-a1fa-969e638259d2)

<Callout type={'info'}>
- Please make sure to save your client secret as this is your only chance to view it.
</Callout>

<Callout type={'info'}>Please make sure to save your client secret as this is your only chance to view it.</Callout>

### Add Users

Expand All @@ -45,17 +40,18 @@ import { Callout, Steps } from 'nextra/components';

When deploying LobeChat, you need to configure the following environment variables:

| Environment Variable | Type | Description |
| ------------------------ | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `ENABLE_OAUTH_SSO` | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on. |
| `NEXTAUTH_SECRET` | Required | Key used to encrypt Auth.js session tokens. You can generate the key using the following command: `openssl rand -base64 32` |
| `SSO_PROVIDERS` | Required | Select the single sign-on provider for LoboChat. Use `azure-ad` for Microsoft Entra ID. | |
| `AZURE_AD_CLIENT_ID` | Required | Client ID of the Microsoft Entra ID application. |
| `AZURE_AD_CLIENT_SECRET` | Required | Client Secret of the Microsoft Entra ID application. |
| `AZURE_AD_TENANT_ID` | Required | Tenant ID of the Microsoft Entra ID application. |
| `ACCESS_CODE` | Required | Add a password for accessing this service, you can set a sufficiently long random password to "disable" access code authorization. |
| `NEXTAUTH_URL` | Optional | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. It is only necessary to set it when the default generated redirect address is incorrect. `https://example.com/api/auth` |
You can refer to [environment variables](/en/self-hosting/environment-variable#microsoft-entra-id) for details on related variables.
| Environment Variable | Type | Description | |
| ------------------------ | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | - |
| `ENABLE_OAUTH_SSO` | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on. | |
| `NEXTAUTH_SECRET` | Required | Key used to encrypt Auth.js session tokens. You can generate the key using the following command: `openssl rand -base64 32` | |
| `SSO_PROVIDERS` | Required | Select the single sign-on provider for LoboChat. Use `azure-ad` for Microsoft Entra ID. | |
| `AZURE_AD_CLIENT_ID` | Required | Client ID of the Microsoft Entra ID application. | |
| `AZURE_AD_CLIENT_SECRET` | Required | Client Secret of the Microsoft Entra ID application. | |
| `AZURE_AD_TENANT_ID` | Required | Tenant ID of the Microsoft Entra ID application. | |
| `ACCESS_CODE` | Required | Add a password for accessing this service, you can set a sufficiently long random password to "disable" access code authorization. | |
| `NEXTAUTH_URL` | Optional | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. It is only necessary to set it when the default generated redirect address is incorrect. `https://example.com/api/auth` | |

<Callout type={'info'}>You can refer to [📘 environment variables](/en/self-hosting/environment-variable#microsoft-entra-id) for details on related variables.</Callout>
</Steps>

<Callout>After successful deployment, users will be able to authenticate and use LobeChat using the users configured in Microsoft Entra ID.</Callout>
Expand All @@ -68,7 +64,6 @@ Please explore further in the [Microsoft Entra ID Learning Center][microsoft-lea

- [Quickstart: Register an app][microsoft-entra-register-app]

[microsoft-learn-entra]: https://learn.microsoft.com/en-us/entra/identity/
[microsoft-entra-register-app]: https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app
[microsoft-azure-portal]: https://portal.azure.com/
[microsoft-entra-id]: https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-id
[microsoft-entra-register-app]: https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app
[microsoft-learn-entra]: https://learn.microsoft.com/en-us/entra/identity/
Loading

0 comments on commit 1c75a5b

Please sign in to comment.