pomerium/docs/guides/tiddlywiki.md

title: TiddlyWiki
lang: en-US
keywords: pomerium identity-access-proxy wiki tiddlywiki
description: This guide covers how to add authentication and authorization to a hosted, fully online instance of TiddlyWiki.

Securing TiddlyWiki on Node.js

This guide covers using Pomerium to add authentication and authorization to an instance of TiddlyWiki on Node.js.

What is TiddlyWiki on Node.js

TiddlyWiki is a personal wiki and a non-linear notebook for organizing and sharing complex information. It is available in two forms:

We are using the Node.js application in this guide.

Where Pomerium fits

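TiddlyWiki allows a simple form of authentication through the authenticated-user-header parameter of its listen command: it takes the user name from a request header set by the proxy in front of it. Pomerium provides the ability to log in with well-known identity providers and, with jwt_claims_headers set to email as in the config below, forwards the authenticated user's email to TiddlyWiki in a request header.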

Pre-requisites

This guide assumes you have already completed one of the quick start guides and have a working instance of Pomerium up and running. For the purposes of this guide, we will use docker-compose, though any other deployment method would work equally well.

Configure

Pomerium Config

jwt_claims_headers: email
policy:
- from: https://wiki.example.local
  to: http://tiddlywiki:8080
  allowed_users:
    - reader1@example.com    
    - writer1@example.com    

Docker-compose

<<< @/examples/tiddlywiki/docker-compose.yaml

That's it

Navigate to your TiddlyWiki instance (e.g. https://wiki.example.local) and log in:

  • as reader1@example.com: the user can read the wiki, but no "create new tiddler" button is shown.

  • as writer1@example.com: user can read the wiki and create new tiddlers.

  • as another email: Pomerium displays a permission denied error.
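
The reader/writer behaviour above comes from how the TiddlyWiki listen command is started. The following is an added sketch of the TiddlyWiki services, not the examples/tiddlywiki/docker-compose.yaml file from the repository; the image name, the wiki folder name mywiki and the volume path are assumptions, and the services are assumed to sit in the same compose project as your existing Pomerium service.

```yaml
# Added example (not the project's own compose file).
# Assumptions: image name, wiki folder "mywiki", host path ./wiki.
services:
  # One-shot container that creates the wiki folder from the "server" edition.
  tiddlywiki_init:
    image: elasticdog/tiddlywiki:latest   # assumed: any image whose entrypoint is the tiddlywiki CLI
    volumes:
      - ./wiki:/tiddlywiki
    command: ["mywiki", "--init", "server"]

  # Service name matches the policy target http://tiddlywiki:8080.
  tiddlywiki:
    image: elasticdog/tiddlywiki:latest
    restart: always
    depends_on:
      - tiddlywiki_init
    volumes:
      - ./wiki:/tiddlywiki
    # No "ports:" mapping on purpose: TiddlyWiki trusts the user header as-is,
    # so it should only be reachable through Pomerium on the compose network.
    expose:
      - "8080"
    command:
      - mywiki
      - --listen
      - host=0.0.0.0
      - port=8080
      # Header Pomerium sets for the "email" claim (jwt_claims_headers: email).
      - authenticated-user-header=x-pomerium-claim-email
      # Read access: both users. The writer is listed here as well so that
      # read requests from writer1 are authorized.
      - readers=reader1@example.com,writer1@example.com
      # Write access: writer1 only, so reader1 gets a read-only wiki.
      - writers=writer1@example.com
```

Users not in allowed_users never reach this service, because Pomerium rejects them before proxying the request.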