Authentication #107

Closed
tibo opened this Issue Jan 28, 2011 · 19 comments

tibo commented Jan 28, 2011

Hi

How can I manage authentication on Gollum? Is there a way to manage users' rights?
How can I handle HTTP authentication?

Thx
Thibaut

Contributor

technoweenie commented Jan 28, 2011

Gollum has no sense of users. This needs to be handled outside of the core gollum library.

tibo commented Feb 19, 2011

And how do I manage the contributor name at the bottom of the page? It always shows "Anonymous" for me...

Contributor

technoweenie commented Feb 19, 2011

That should be set to the git user. What does git config user.name show you?

tibo commented Feb 20, 2011

my name on my workstation, nothing on the server

eggie5 commented Mar 5, 2011

If I wanted to add some sense of user accounts (more than just the git config username or the person who initially created the repo) what would be required? I just want to change the user who is committing. I haven't looked at the source yet, but would it be a simple change?

Contributor

technoweenie commented Mar 5, 2011

eggie5: Sessions, user data with storage in some database, and a whole login/password reset workflow. This is out of scope for the default Gollum sinatra app. I'd recommend building something based on the basic Gollum frontend.

eggie5 commented Mar 5, 2011

technoweenie: OK, I'll look into editing the frontend dir. I see the code here where I would insert user/email:

wiki = Gollum::Wiki.new(settings.gollum_path, settings.wiki_options)

I could also implement some simple auth logic. I see what I need to do. Do you know of anybody who's added this already? So I don't have to reinvent the wheel?

Contributor

technoweenie commented Mar 5, 2011

With Gollum specifically? No. You could look at Devise for doing authentication stuff though. Though I believe it may be Rails only. Something like OmniAuth works well if you'd just like to authenticate over OAuth2 (GitHub/Twitter/Facebook).

eggie5 commented Mar 5, 2011

Cool, so it seems like I should only have to edit the frontend directory to add my auth and I shouldn't have to touch the /lib directory or any internals. Does that sound correct?

Contributor

technoweenie commented Mar 5, 2011

I'd do it as a separate Sinatra miniapp that just used Gollum as a dependency. Then you don't have to worry about merging in changes to Gollum itself.

eggie5 commented Mar 5, 2011

Ah OK, I'll just interface the gollum gem w/ Rails or Sinatra...

hferentschik commented Nov 2, 2011

> I'd do it as a separate Sinatra miniapp that just used Gollum as a dependency.

Do you have an example for that? What would that look like?

hferentschik commented Nov 2, 2011

I found a solution. Not sure whether it is the best, but maybe someone finds this useful. I am running gollum as a rack app and start it via config.ru which looked like this:

require "rubygems"
Bundler.require(:default)

require "gollum/frontend/app"

Precious::App.set(:gollum_path, '<repo-path>')
Precious::App.set(:wiki_options, {})
run Precious::App

I changed it to:

require "rubygems"
Bundler.require(:default)

require "gollum/frontend/app"

use Rack::Auth::Basic, "Restricted Area" do |username, password|
   [username, password] == ['admin', 'admin']
end

Precious::App.set(:gollum_path, '<repo-path>')
Precious::App.set(:wiki_options, {})
run Precious::App

and this enables basic authentication. Enough for my use case.

Contributor

technoweenie commented Nov 3, 2011

That's why Gollum is written like that. It's just a Rack app, wrap it up in whatever middleware you want. If you require more, just use the ruby API and write your own controllers. That's how we integrate Gollum into GitHub.

rnkn commented Feb 1, 2012

How might one protect only certain URLs, e.g. /edit/*? I've tried to implement the below example from http://www.sinatrarb.com/faq.html#auth without success.

helpers do

  def protected!
    unless authorized?
      response['WWW-Authenticate'] = %(Basic realm="Restricted Area")
      throw(:halt, [401, "Not authorized\n"])
    end
  end

  def authorized?
    @auth ||=  Rack::Auth::Basic::Request.new(request.env)
    @auth.provided? && @auth.basic? && @auth.credentials && @auth.credentials == ['admin', 'admin']
  end

end

get '/' do
  "Everybody can see this page"
end

get '/edit/' do
  protected!
  "Welcome, authenticated client"
end

Any ideas?
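
An added example, not part of the thread and not Gollum's own code: a Rack middleware that applies the Basic authentication from the `config.ru` approach above only to chosen path prefixes such as `/edit/`, compares credentials in constant time, and reads them from the environment instead of hard-coding them. The class name `PathBasicAuth`, the variables `WIKI_USER` and `WIKI_PASSWORD`, and the prefix list are assumptions made for illustration.

```ruby
require "digest"

# Rack-compatible middleware in plain Ruby (a Rack app is any object with #call).
# Hypothetical config.ru usage, with credentials taken from the environment:
#   use PathBasicAuth, prefixes: ["/edit/"],
#       user: ENV.fetch("WIKI_USER"), password: ENV.fetch("WIKI_PASSWORD")
class PathBasicAuth
  def initialize(app, prefixes:, user:, password:, realm: "Restricted Area")
    @app, @prefixes, @realm = app, prefixes, realm
    # Keep a digest so the comparison below always sees equal-length inputs.
    @expected = Digest::SHA256.digest("#{user}:#{password}")
  end

  def call(env)
    return @app.call(env) unless protected_path?(env["PATH_INFO"].to_s)
    user = authenticated_user(env["HTTP_AUTHORIZATION"].to_s)
    return unauthorized unless user
    env["REMOTE_USER"] = user # available to the wrapped app, e.g. for attribution
    @app.call(env)
  end

  private

  def protected_path?(raw)
    # Decode %XX first so the check sees the path a decoding router would match.
    path = raw.b.gsub(/%(\h\h)/) { $1.hex.chr }
    @prefixes.any? { |p| path == p.chomp("/") || path.start_with?(p) }
  end

  def authenticated_user(header)
    scheme, encoded = header.split(" ", 2)
    return nil unless scheme&.casecmp?("basic") && encoded
    decoded = encoded.unpack1("m") # lenient Base64 decode
    return nil unless constant_time_equal?(Digest::SHA256.digest(decoded), @expected)
    decoded.split(":", 2).first
  end

  def constant_time_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end

  def unauthorized
    headers = { "content-type" => "text/plain",
                "www-authenticate" => %(Basic realm="#{@realm}") }
    [401, headers, ["Not authorized\n"]]
  end
end
```

Basic authentication sends the credentials Base64-encoded on every request, so this belongs behind TLS.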

tekknolagi commented May 13, 2014

@hferentschik with something like that, how might you go about setting the user/owner of a page or page edit?

tekknolagi commented May 13, 2014

Errr, this is super old.

Geremia commented Mar 12, 2016

@tibo See omnigollum, "Omniauth authentication for gollum."

Contributor

rgroux commented Mar 14, 2016

@tibo
You can check the wiki; I wrote it and it works well for me.

https://github.com/gollum/gollum/wiki/Gollum-via-Rack-and-CAS-SSO

You can adapt it to your needs.

Actually, I use it at work with Jasig CAS, and at home with RubyCAS and TOTP.

This issue was closed.
