mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-22 01:36:29 -05:00
Add dev docs about user profiles and authentication
Closes #463 Closes #451 Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
parent
37f973f800
commit
2d05f0cd77
2 changed files with 88 additions and 0 deletions
87
docs/content/dev/authentication.md
Normal file
87
docs/content/dev/authentication.md
Normal file
|
@ -0,0 +1,87 @@
|
||||||
|
# User Profiles and Authentication
|
||||||
|
Each user in HedgeDoc 2 has a profile
|
||||||
|
which contains the following information:
|
||||||
|
|
||||||
|
- username (`janedoe`)
|
||||||
|
- display name (`Jane Doe`)
|
||||||
|
- email address, optional (`janedoe@example.com`)
|
||||||
|
- profile picture, optional
|
||||||
|
- the date the user was created
|
||||||
|
- the date the profile was last updated
|
||||||
|
|
||||||
|
HedgeDoc 2 supports multiple authentication methods per user.
|
||||||
|
These are called *identities* and each identity is backed by an
|
||||||
|
auth provider (like OAuth, SAML, LDAP or internal auth).
|
||||||
|
|
||||||
|
One of a users identities may be marked as *sync source*.
|
||||||
|
This identity is used to automatically update profile attributes like the
|
||||||
|
display name or profile picture on every login. If a sync source exists, the
|
||||||
|
user can not manually edit their profile information.
|
||||||
|
If an external provider was used to create the account,
|
||||||
|
it is automatically used as sync source.
|
||||||
|
|
||||||
|
The administrator may globally set one or more auth providers as sync source,
|
||||||
|
e.g. to enforce that all profile information comes from the corporate
|
||||||
|
LDAP and is the same across multiple applications.
|
||||||
|
If global sync sources exist, new accounts can only be created using
|
||||||
|
these auth providers. The auth provider that was used to create the account
|
||||||
|
is automatically set as sync source and cannot be changed by the user.
|
||||||
|
This effectively pins the account to this provider.
|
||||||
|
|
||||||
|
## Example: Corporate LDAP
|
||||||
|
The administrator wants to allow users to log in via the corporate LDAP
|
||||||
|
and Google. Login must only be possible for users present in LDAP and
|
||||||
|
all users must be displayed as they are in the LDAP.
|
||||||
|
|
||||||
|
The admin therefore sets up two login providers:
|
||||||
|
|
||||||
|
- corporate LDAP, marked as global sync source
|
||||||
|
- Google OAuth login
|
||||||
|
|
||||||
|
If a new user tries to log in via Google, they will not be found in the
|
||||||
|
database. The frontend detects that a global sync source exists and
|
||||||
|
suggests logging in via LDAP first.
|
||||||
|
|
||||||
|
After a new user created their account by logging in via LDAP, they can use
|
||||||
|
the 'add a new login method' feature in their profile page to link their
|
||||||
|
Google account and use it to login afterwards.
|
||||||
|
|
||||||
|
## Example: Username Conflict
|
||||||
|
HedgeDoc is configured with two auth providers.
|
||||||
|
|
||||||
|
- A user logs in using auth provider A.
|
||||||
|
- The backend recieves the profile information from provider A and notices that the username in the profile
|
||||||
|
already exists in the database, but no identity for this provider-username combination exists.
|
||||||
|
- The backend creates a new user with another username to solve the username conflict.
|
||||||
|
- The frontend warns the user that the username provided by the auth provider is already taken and that another
|
||||||
|
username has been generated. It also offers to instead link the new auth provider (in this case A) with the
|
||||||
|
existing auth provider (in this case B).
|
||||||
|
- If the user chooses the latter option, the frontend sends a request to delete the newly created user to the backend.
|
||||||
|
- The user can then log in with auth provider B and link provider A using the "link auth provider" feature in
|
||||||
|
the profile page.
|
||||||
|
|
||||||
|
### Handling of sync sources and username conflicts
|
||||||
|
|
||||||
|
#### Global sync sources
|
||||||
|
If at the time of logging in with auth provider A, *only* A is configured as a *global* sync source,
|
||||||
|
the backend cannot automatically create a user with another username.
|
||||||
|
|
||||||
|
This is because:
|
||||||
|
|
||||||
|
- Creating new accounts is only possible with a sync source auth provider.
|
||||||
|
- Setting an auth provider as sync-source entails that profile information the auth provider provides must be
|
||||||
|
saved into the local HedgeDoc database.
|
||||||
|
- As the username the auth provider provides already exists in the database, a new user cannot be created with
|
||||||
|
that username.
|
||||||
|
|
||||||
|
In this case, the frontend should show the use a notice that they should contact an admin to resolve the issue.
|
||||||
|
|
||||||
|
!!! warning
|
||||||
|
Admins must ensure that usernames are unique across all auth providers set as a global sync source.
|
||||||
|
Otherwise, if e.g. in both LDAPs configured as sync source a user `johndoe` exists,
|
||||||
|
only the first that logs in can use HedgeDoc.
|
||||||
|
|
||||||
|
#### Local sync sources
|
||||||
|
If auth provider A is configured as a sync source by the user, syncing is automatically disabled, and a notice is shown.
|
||||||
|
Re-enabling the sync source is not possible until the username conflict is resolved, e.g. by changing the username
|
||||||
|
in the auth provider.
|
|
@ -11,6 +11,7 @@ nav:
|
||||||
Toolbar: interface/toolbar.md
|
Toolbar: interface/toolbar.md
|
||||||
- Developer:
|
- Developer:
|
||||||
- '2.0 Development': dev/2.0.md
|
- '2.0 Development': dev/2.0.md
|
||||||
|
- 'User Profiles & Authentication': dev/authentication.md
|
||||||
- Configuration: dev/config.md
|
- Configuration: dev/config.md
|
||||||
- 'Documentation': dev/documentation.md
|
- 'Documentation': dev/documentation.md
|
||||||
- FAQ: https://hedgedoc.org/faq
|
- FAQ: https://hedgedoc.org/faq
|
||||||
|
|
Loading…
Reference in a new issue