2018-08-27 04:46:15 +07:00
|
|
|
<p align="center">
|
|
|
|
<img src="images/authelia-title.png" width="350" title="Authelia">
|
|
|
|
</p>
|
2016-12-18 18:35:56 +07:00
|
|
|
|
2016-12-18 19:26:14 +07:00
|
|
|
[![license](https://img.shields.io/github/license/mashape/apistatus.svg?maxAge=2592000)][MIT License]
|
2017-01-29 22:29:36 +07:00
|
|
|
[![Build](https://travis-ci.org/clems4ever/authelia.svg?branch=master)](https://travis-ci.org/clems4ever/authelia)
|
2018-08-30 16:25:33 +07:00
|
|
|
[![Known Vulnerabilities](https://snyk.io/test/github/clems4ever/authelia/badge.svg?targetFile=package.json)](https://snyk.io/test/github/clems4ever/authelia?targetFile=package.json)
|
2018-08-29 02:04:57 +07:00
|
|
|
[![Gitter](https://img.shields.io/gitter/room/badges/shields.svg)](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link)
|
2018-08-28 03:38:33 +07:00
|
|
|
[![Donate](https://img.shields.io/badge/Donate-PayPal-orange.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=clement%2emichaud34%40gmail%2ecom&lc=FR&item_name=Authelia¤cy_code=EUR&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted)
|
2016-12-18 02:19:10 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
**Authelia** is an open-source authentication and authorization providing
|
|
|
|
2-factor authentication and single sign-on (SSO) for your applications.
|
|
|
|
It acts as a companion of reverse proxies by handling authentication and
|
|
|
|
authorization requests.
|
2018-04-26 14:22:40 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
**Authelia** can be installed as a standalone service using Docker or NPM
|
|
|
|
but can also be deployed easily on Kubernetes. On the latest, one can
|
|
|
|
leverage ingress configuration to set up authentication and authorizations
|
|
|
|
for specific services in only few seconds.
|
2018-04-26 14:22:40 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
<p align="center">
|
2018-08-30 16:33:55 +07:00
|
|
|
<img src="images/first_factor.png" width="400" />
|
|
|
|
<img src="images/second_factor.png" width="400" />
|
2018-08-27 04:46:15 +07:00
|
|
|
</p>
|
2017-01-29 22:29:36 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
## Features summary
|
2017-07-14 05:52:07 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
Here is the list of the main available features:
|
2017-07-14 05:52:07 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
* **[U2F] - Universal 2-Factor -** support with [Yubikey].
|
|
|
|
* **[TOTP] - Time-Base One Time password -** support with [Google Authenticator].
|
2017-11-02 01:23:45 +07:00
|
|
|
* Password reset with identity verification using email.
|
2018-08-27 04:46:15 +07:00
|
|
|
* Single-factor only authentication method available.
|
2017-01-29 22:29:36 +07:00
|
|
|
* Access restriction after too many authentication attempts.
|
2017-09-24 19:49:03 +07:00
|
|
|
* User-defined access control per subdomain and resource.
|
2017-11-02 01:23:45 +07:00
|
|
|
* Support of [basic authentication] for endpoints protected by single factor.
|
2018-08-27 04:46:15 +07:00
|
|
|
* High-availability using distributed database and KV store.
|
2018-04-25 05:49:52 +07:00
|
|
|
* Compatible with Kubernetes ingress-nginx controller out of the box.
|
2016-12-18 02:19:10 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
For more details about the features, follow [Features](./docs/features.md).
|
2017-06-29 16:51:52 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
## Getting Started
|
2017-01-29 22:29:36 +07:00
|
|
|
|
2018-11-16 14:39:57 +07:00
|
|
|
If you want to quickly test Authelia with Docker, we recommend you read
|
|
|
|
[Getting Started](./docs/getting-started.md).
|
|
|
|
|
|
|
|
## Deployment
|
|
|
|
|
|
|
|
Now that you have tested **Authelia** and you want to try it out in your own infrastructure, you can learn how to deploy and use it with
|
|
|
|
[Deployment](./docs/deployment-production.md). This guide will show you how to deploy
|
|
|
|
it on bare metal as well as on Kubernetes.
|
2017-07-14 05:52:07 +07:00
|
|
|
|
2017-10-15 22:57:12 +07:00
|
|
|
## Security
|
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
If you want more information about the security measures applied by
|
|
|
|
**Authelia** and some tips on how to set up **Authelia** in a secure way,
|
|
|
|
refer to [Security](./docs/security.md).
|
2017-10-15 22:57:12 +07:00
|
|
|
|
2018-08-27 04:46:15 +07:00
|
|
|
## Changelog
|
2017-01-29 22:29:36 +07:00
|
|
|
|
2018-08-29 05:10:12 +07:00
|
|
|
See [CHANGELOG.md](CHANGELOG.md).
|
2018-04-26 14:22:40 +07:00
|
|
|
|
2018-11-16 04:47:27 +07:00
|
|
|
## Contribute
|
2017-01-29 22:29:36 +07:00
|
|
|
|
2018-11-16 04:47:27 +07:00
|
|
|
Anybody willing to contribute to the project either with code,
|
|
|
|
documentation, security reviews or whatever, are very welcome to issue
|
|
|
|
or review pull requests and take part to discussions in
|
|
|
|
[Gitter](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link).
|
|
|
|
|
|
|
|
We are already greatful to contributors listed in
|
|
|
|
[CONTRIBUTORS.md](CONTRIBUTORS.md) for their contributions to the project.
|
2018-11-16 14:39:57 +07:00
|
|
|
Be the next in the list!
|
|
|
|
|
|
|
|
## Build Authelia
|
|
|
|
|
|
|
|
If you want to contribute with code, you should follow the documentation explaining how to [build](./docs/build.md) the application.
|
2016-12-18 02:19:10 +07:00
|
|
|
|
2018-08-28 03:38:33 +07:00
|
|
|
## Donation
|
|
|
|
|
2018-11-16 04:47:27 +07:00
|
|
|
Wanna see more features? Then fuel us with a few beers!
|
2018-08-28 03:38:33 +07:00
|
|
|
|
|
|
|
[![paypal](https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif)](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=clement%2emichaud34%40gmail%2ecom&lc=FR&item_name=Authelia¤cy_code=EUR&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted)
|
|
|
|
|
2016-12-18 02:19:10 +07:00
|
|
|
## License
|
2018-08-27 04:46:15 +07:00
|
|
|
|
2017-01-29 22:29:36 +07:00
|
|
|
**Authelia** is **licensed** under the **[MIT License]**. The terms of the license are as follows:
|
2016-12-18 02:19:10 +07:00
|
|
|
|
|
|
|
The MIT License (MIT)
|
|
|
|
|
|
|
|
Copyright (c) 2016 - Clement Michaud
|
|
|
|
|
|
|
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
of this software and associated documentation files (the "Software"), to deal
|
|
|
|
in the Software without restriction, including without limitation the rights
|
|
|
|
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
copies of the Software, and to permit persons to whom the Software is
|
|
|
|
furnished to do so, subject to the following conditions:
|
|
|
|
|
|
|
|
The above copyright notice and this permission notice shall be included in
|
|
|
|
all copies or substantial portions of the Software.
|
|
|
|
|
|
|
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
|
|
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
|
|
|
|
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
|
|
|
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
|
|
|
|
|
|
|
|
|
|
[MIT License]: https://opensource.org/licenses/MIT
|
2017-01-29 22:29:36 +07:00
|
|
|
[TOTP]: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
|
|
|
|
[U2F]: https://www.yubico.com/about/background/fido/
|
|
|
|
[Yubikey]: https://www.yubico.com/products/yubikey-hardware/yubikey4/
|
2017-06-29 16:51:52 +07:00
|
|
|
[auth_request]: http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
|
|
|
|
[Google Authenticator]: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en
|
2017-09-03 20:22:09 +07:00
|
|
|
[config.template.yml]: https://github.com/clems4ever/authelia/blob/master/config.template.yml
|