member/member-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add username-password login flow via authentik token endpoint

Browse Source
This commit is contained in:
Chris
2026-03-30 00:52:09 +08:00
parent 8335dc11d1
commit 8f06f75cca
8 changed files with 83 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -28,7 +28,9 @@ python scripts/generate_api_key_hash.py 'YOUR_PLAIN_KEY'
- `AUTHENTIK_ISSUER` (the service infers `<issuer>/jwks/`)
- Optional:
- `AUTHENTIK_AUDIENCE` (enables audience claim validation)
- `AUTHENTIK_CLIENT_ID` (used by `/auth/login`, fallback to `AUTHENTIK_AUDIENCE`)
- `AUTHENTIK_CLIENT_SECRET` (required if your access/id token uses HS256 signing)
- `AUTHENTIK_TOKEN_ENDPOINT` (default: `<AUTHENTIK_BASE_URL>/application/o/token/`)
## Authentik Admin API setup
@@ -40,6 +42,7 @@ python scripts/generate_api_key_hash.py 'YOUR_PLAIN_KEY'
## Main APIs
- `GET /healthz`
- `POST /auth/login`
- `GET /me` (Bearer token required)
- `GET /me/permissions/snapshot` (Bearer token required)
- `POST /internal/users/upsert-by-sub`