feat: add Casdoor SSO integration as auth provider#57
Open
NicoBernardes wants to merge 2 commits into
Open
Conversation
Integrate Casdoor as an external identity provider while keeping built-in auth as the default. When auth.provider=casdoor, login and registration redirect to Casdoor via OAuth 2.0, and a callback handler creates/links local users by email. - Add CasdoorConfig and AuthConfig to configuration system - Add godotenv for .env file loading with .env.example template - Add Casdoor Go SDK service wrapper (signin/signup URLs, code exchange) - Add OAuth callback handler with find-or-create user flow - Redirect login/register to Casdoor with Inertia-compatible external redirects - Use SameSite=Lax for cookies when Casdoor is active (required for OAuth) - Pass auth provider to frontend via shared Inertia props - Show "managed by identity provider" on password settings when using Casdoor - Add Docker Compose for local Casdoor development - Add casdoor/README.md with setup instructions - Add .env to .gitignore, .env.example for developer reference Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Remove all built-in login/register/password-reset/email-verification flows - Login and Register now always redirect to Casdoor SSO - Logout clears local session and redirects to Casdoor logout - Strip AuthClient down to Login/Logout/GetAuthenticatedUser (session only) - Remove LoadValidPasswordToken middleware and password-related route names - Remove password change from profile settings (managed by Casdoor) - Simplify account deletion (no password confirmation needed) - Delete all frontend Auth pages (Login, Register, ForgotPassword, etc.) - Add graceful error handling when Casdoor is unreachable - Always use SameSite=Lax for cookies (required for OAuth redirects) - Update tests to match simplified auth surface Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
docker compose up -d casdoor)casdoor/README.mdwith full setup instructions and.env.examplefor configurationKey changes
config/config.go&config/config.yaml— Auth configuration with Casdoor settingspkg/services/casdoor.go— Casdoor SDK wrapper (signin/signup URLs, code exchange, reachability check)pkg/handlers/casdoor.go— OAuth callback handler with find-or-create user flowpkg/handlers/auth.go— Login/Register redirect to Casdoor, logout via Casdoorpkg/handlers/router.go— SameSite=Lax cookie policy for OAuth redirectspkg/middleware/inertia_props.go— Pass auth provider to frontend shared propsdocker-compose.yml— Casdoor all-in-one container on port 8100Test plan
docker compose up -d casdoorand configure a Pagode application in Casdoor admin (http://localhost:8100).env.exampleto.envand fill in Casdoor credentialsgo build -o /dev/null ./cmd/webcompiles successfully🤖 Generated with Claude Code