Skip to content

Commit

Permalink
Merge pull request #2646 from VTimofeenko/add-logout-url
Browse files Browse the repository at this point in the history 
Add logout-url option to Nix module
  • Loading branch information
@eikek
eikek committed May 24, 2024
2 parents 3a43ad4 + a2ae339 commit d0681a1
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions nix/modules/server.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,7 @@ with lib; let
auth = {
server-secret = "hex:caffee";
session-valid = "5 minutes";
on-account-source-conflict = "fail";
remember-me = {
enabled = true;
valid = "30 days";
Expand All @@ -111,6 +112,7 @@ with lib; let
scope = "profile";
authorize-url = null;
token-url = null;
logout-url = "";
user-url = null;
sign-key = "";
sig-algo = "RS256";
Expand Down Expand Up @@ -323,6 +325,19 @@ in {
will get a new one periodically.
'';
};
on-account-source-conflict = mkOption {
type = types.enum ["fail" "convert"];
default = defaults.auth.on-account-source-conflict;
description = ''
Accounts can be local or defined at a remote provider and
integrated via OIDC. If the same account is defined in both
sources, docspell by default fails if a user mixes logins (e.g.
when registering a user locally and then logging in with the
same user via OIDC). When set to `convert` docspell treats it as
being the same and simply updates the account to reflect the new
account source.
'';
};
remember-me = mkOption {
type = types.submodule {
options = {
Expand Down Expand Up @@ -424,6 +439,11 @@ in {
default = defaults.openid.provider.token-url;
description = "The URL used to retrieve the token.";
};
logout-url = mkOption {
type = types.str;
default = defaults.openid.provider.logout-url;
description = "The URL used for user's logout.";
};
user-url = mkOption {
type = types.nullOr types.str;
default = defaults.openid.provider.user-url;
Expand Down

0 comments on commit d0681a1

Please sign in to comment.