Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication and authorization #29

Open
cpfeiffer opened this issue Sep 19, 2024 · 2 comments
Open

Authentication and authorization #29

cpfeiffer opened this issue Sep 19, 2024 · 2 comments

Comments

@cpfeiffer
Copy link

Thanks a lot for neogrok, I love it!

In a corporate setting, it may be required to provide the search interface behind authentication and even further, to provide search results, based on the authenticated user's permissions to the git repositories being indexed by zoekt.

If this is of any interest to you, you could have a look at our implementation at https://github.com/GEBIT/neogrok/commits/gebit/ (beware, JS and SvelteKit rookies here).

In order to handle permissions at the repository level, we made a custom version of zoekt, which additionally gets information about the users + their repository permissions, and the user doing the search.
@isker
Copy link
Owner

isker commented Sep 19, 2024

Cool. I have left auth up to a reverse proxy sitting in front of neogrok in my own deployments, but that does not allow for this kind of granular auth at all.

@cpfeiffer
Copy link
Author

Good point, one could implement this e.g. with apache mod-openidc and rely on the RemoteUser header being set. Only passing that value to zoekt would be needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cpfeiffer @isker