Hacky. Use at own risk. Issues/PRs welcome.
Alternatively, you may set up IndieAuth using a third-party service, as described in this Cookbook recipe.
While the original Selfauth is based on using a dedicated password-based login, this version relies on the Kirby user login.
- The configuration routine (from setup.php) has been reduced to the essentials needed for setting up with Kirby: no setting of a password, no auto-creation of a config.php file
- Instead of the config.php file, configuration is stored in the config options at
- When not logged in, only verification requests by other clients are processed; the later parts of the code (anything related to login/authentication) are only executed after logging in to Kirby
- Internally, the Kirby user ID is used instead of a password; this allows to tie the configuration to one user only (i.e. the user who runs the initial setup; other users on the same site can not use IndieAuth)
- No authentication password has to be entered when authenticating a client (since the user is already identified via Kirby); the password field in the form has been hidden and carries a dummy text, to minimize rewrite need of the application logic
- Minor changes to some error messages
- Removed some redundancies/checks for old PHP versions, as Kirby always runs on PHP 7
Installation and setup
Download and copy this repository to
<?= selfauthEndpoint() ?> to your template's HTML <head> (often located at
site/snippets/header.php or similar).
https://your-domain.tld/auth-setup in your browser, log in if not already logged in, and copy the output into your options array at
Go to https://indieauth.com/ and enter your website URL to the "Try it" field. Your browser will lead you through the authentication flow, and return debug info or a "You Successfully Authenticated!" page.
The plugin can be configured with optional settings in your
To change the URL of the authentication endpoint (default is
https://domain.tld/auth), add the following setting and change the string as desired:
'sgkirby.selfauth.endpoint' => 'auth',
The URL of the setup URL changes accordingly (it always is the value of
Kirby 3 Selfauth is open-sourced software licensed under the MIT license.
Copyright © 2020 Sebastian Greger
It is discouraged to use this plugin in any project that promotes racism, sexism, homophobia, animal abuse, violence or any other form of hate speech.