Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • 09:58
    casbin-bot review_requested #1347
  • 09:58
    casbin-bot review_requested #1347
  • 09:58
    casbin-bot review_requested #1347
  • 09:58
    casbin-bot commented #1347
  • 09:58
    imchell opened #1347
  • 08:03
    casbin-bot review_requested #1346
  • 08:03
    casbin-bot review_requested #1346
  • 08:03
    casbin-bot review_requested #1346
  • 08:03
    casbin-bot commented #1346
  • 08:03
    jakiuncle opened #1346
  • 07:09
    casbin-bot commented #1345
  • 07:09
    casbin-bot labeled #1345
  • 07:09
    casbin-bot assigned #1345
  • 07:09
    shangqianjin opened #1345
  • 04:11
    hsluoyz unlabeled #1344
  • 04:11
    hsluoyz labeled #1344
  • 03:05
    casbin-bot assigned #1344
  • 03:05
    casbin-bot labeled #1344
  • 03:05
    casbin-bot commented #1344
  • 03:05
    NTDO opened #1344
hsluoyz
@hsluoyz
@ckgroup8 you can do F12 at our demo site, and know how we call API in frontend
Thambolo
@Thambolo

Hi I am receiving an error response "securecookie: the value is too long" when saving the session cookie in my gin application, how do I work around this issue?

func SetSessionClaims(c *gin.Context, claims *auth.Claims) {
    session := sessions.Default(c)
    if claims == nil {
        session.Delete("user")
        return
    }

    session.Set("user",  *claims)

    if err := session.Save(); err != nil {
        panic(err)
    }
}

after searching the web, it seems to be related to gorilla sessions as seen auth0-samples/auth0-golang-web-app#4

hsluoyz
@hsluoyz
@Thambolo it seems that Gin's session size is much smaller than Beego we usually use. Can you try to reduce the data in claims (e.g. delete values)? claims are merely used by yourself to remember the logged-in user session info
Thambolo
@Thambolo
@hsluoyz Thanks, will use redis/memcache to solve this issue!
tetra12
@tetra12

Hello I'm confused about the Sign-Up process in Casdoor. What I do:

  1. Start a fresh docker instance
  2. Login as admin/123
  3. Create a new Org - my-org
  4. Create a new app inside my-org: my-app
  5. Setup Sign UP settings in the my-app page
  6. Log out and sign up with the link provided on the my-app page
  7. When I try to log in with the newly created user on my page http://localhost:8000/signin/my-app, I'm getting an error "Non existing user"

Bottom line. Is it possible for a user to sign up and sign in inside a specific app ? And do NOT provide access to admin console for registered users.

I appreciate link to code examples with the proper Sign UP process. I checked Casnode, but it seems to impl the default logic.

Thanks !

hsluoyz
@hsluoyz
@tetra12 the user pool is attached to an org. By default the newly created org doesn't have any users. So you need to create a user by admin, or let the user sign-up first
Gopalakrishna Palem
@gkpalem:matrix.org
[m]
After login and retrieving the JWT token from casdoor, how to retrieve the list of permissions for a user?
tetra12
@tetra12
@hsluoyz Hello thanks for response. I'm having an issue with an ivalid redirect. When a user Signs Up for my appliation, Casdoor MUST redirect to the app page to allow a proper login. Instead, Casdoor gui shows a button "Sign In" and it forwards to the ROOT sign in page, e.g http://localhost:8000/login instead of smth like http://localhost:8000/login/oauth/authorize?client_id=cb92c38bb2cd6d3366a4&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A9000%2Fauth&scope=read&state=web-console
I think its a bug, because Sign Up must work similar to Google. Once you signed up, you are immediately forwared to the login page of my app, not a root login page
billyhu
@billyhu
I am investigation on casdoor and keycloak, could I integrate both services - keycloak for IAM and casdoor for RBAC?
hsluoyz
@hsluoyz
@tetra12 it should redirect to the app's login page, if not, please raise a bug
@billyhu why not use Casdoor's IAM together? Casdoor's IAM has all functionalities as keycloak
2 replies
tetra12
@tetra12
@hsluoyz I confirm that. Switched from KC to Casdoor recently. Few things in Casdoor do have rough edges (like Sign UP), but resource efficiency, speed and ease of use are way higher
Thambolo
@Thambolo
image.png
May I know what ranking is? (user model)
Nover
@nover:m.nov.re
[m]
Is there anyone use casdoor for Outline (wiki)? I use it but get error "An email field was not returned in the profile parameter".
hsluoyz
@hsluoyz
@nover:m.nov.re plz create a github issue, with all details, we will fix this
1 reply
@Thambolo it's an integer, can be used like user activity or score ranking, or can be anything else
BaiShaojie123123
@BaiShaojie123123
I don't know what openid is in thegiea configuration, where does this parameter value come from?
Krithika3
@Krithika3
HI I am new to this portal, I am trying to setup authentication on an application that could be opensourced, and uses gin server in the backend
is casdoor a good choice to just use for the backend?
hsluoyz
@hsluoyz
@BaiShaojie123123 what application do you use? What's "thegiea"?
@Krithika3 you can use Casdoor RESTful API (the backend) only. Casdoor is based on React + Go, so you have full set of APIs to do the exact the same thing as Casdoor's only web UI
own web UI
Ehsan Zarei
@ezarei88_gitlab
hi im run casdoor with docker when login error "Failed to log in: unexpected end of JSON input"
restart: always
entrypoint: /bin/sh -c './server --createDatabase=true'
image: casbin/casdoor:latest
container_name: 'casdoor'
ports:
  - "81:8000"    
volumes:      
  - ./casdoor:/conf 
environment:
  RUNNING_IN_DOCKER: "true"   
please help me
hsluoyz
@hsluoyz
@ezarei88_gitlab state your version and create a github issue
WFish
@WarlockFish
how to set sqlite3
图片.png
hsluoyz
@hsluoyz
@WarlockFish relied your github issue
Thambolo
@Thambolo
Hi, I am trying to send a request to my casdoor server for "/api/set-password" because its unavailable in the casdoor go-sdk. How can I send post requests? currently my code is:
func GlobalUserSetPasswd(owner string, name string, oldPasswd string, newPasswd string) (ok bool, err error) {

    formData := url.Values{
        "userOwner":   {owner},
        "userName":    {name},
        "oldPassword": {oldPasswd},
        "newPassword": {newPasswd},
    }


    res, err := http.PostForm(fmt.Sprintf("%s/api/set-password", CasdoorEndpoint), formData)

    if err != nil {
        log.Panicln(err)
    }

    defer res.Body.Close()
    body, err := ioutil.ReadAll(res.Body)

    if err != nil {
        log.Panicln(err)
    }

    fmt.Printf("%s\n", string(body))

    return true, nil
}
i'm getting "please login first" in the response
hsluoyz
@hsluoyz
@Thambolo plz create an issue at: https://github.com/casdoor/casdoor-go-sdk/issues
the maintainers will add it to the SDK for you
Fernando López Guevara
@fernandolguevara:matrix.org
[m]
Hello! just sent a PR adding support to min.io casdoor/casdoor#1037
Thambolo
@Thambolo
@hsluoyz cool thanks!
Kint0ki
@Kint0ki
@hsluoyz Could you please reopen casdoor/casdoor#1065?
Alexandr Belyakov
@mozomig
Hello, how i can set custom claim for jwt generated casdoor?
hsluoyz
@hsluoyz
@mozomig plz create a github issue to provide more details
VaiTon
@vaiton:matrix.org
[m]
Hello everybody! Is there a specific place to report a security vulnerability for casdoor?
1 reply
Stefan Wüthrich
@stefanwuthrich

Hi
I'm exited with this project, but have a problem. When I run go run main.go first time after cloning source and adjust app.conf to use postres, all works fine (back and front)
but trying to run it a second time i get

https://gcdnb.pbrd.co/images/d4PfwHOfrZNX.png?o=1

I already tried to delete the tmp files and database. but only way to get it running is delete source, clone, and start from there....

hsluoyz
@hsluoyz
@stefanwuthrich what's your OS and version? Create an issue at Github
Sanjay Patel
@ssoeurope_twitter

Hello,
Is there any possibility to manage roles, permission and assign to user via go or java SDK ?
I have tried to create user with role (manually created in UI), user has been created successfully
but i can't see roles assigned to user e.g. roles seems to be ignored.

Thanks

hsluoyz
@hsluoyz
@ssoeurope_twitter call the Role API: https://door.casdoor.com/swagger/#/Role%20API
Salim Alami
@celrenheit

Hello, I am wondering how to design a usecase based around feature flags around apikeys. Typically, if we have superadmin users who can create apikeys and each apikey can have a list of feature hierarchy that can be enabled.
For exemple:

apikeyA can access:
  REST api (all sub-features)
  GRPC api (just subset)
    foo
    bar
apikeyB can access:
  REST api (just a subset)
    baz
  GRPC api (all)

How would you model something like this using casdoor ?

hsluoyz
@hsluoyz
@celrenheit does this relate to a Casdoor specific feature?
boris-donchev
@boris-donchev

Hey casdoor community,

I learned today about the init_data.json and have create one for my app.

I want to add the models too, but I don't seem to be able to. I also don't see them here: https://github.com/casdoor/casdoor/blob/master/init_data.json.template or here: https://casdoor.org/de/docs/deployment/data-initialization#file-details

Are they not included?