TINYRAY
 
Social Network Auth
tnAuth is a simple and fast oAuth gateway, allowing oAuth integrating into your website or app for user authentication using their social network account in an ever easy way.
tnAuth for WordPress
Just add the following code into your theme functions.php or make it your own plugin.
  1. HTML login link
    https://api.tinyray.com/auth?tnaci=Your-website-url&tnaid=Your-tnAuth-name
  2. Server PHP code
    add_action( 'init', function(){
        $tna_code = filter_input(INPUT_GET, 'tnant');
        if ( $tna_code != null && substr($tna_code,-7) != '.denied' ) {
            $userObj = wp_remote_get( 'https://api.tinyray.com/auth', [
                'headers' => [ 'Authorization' => "Your-tnAuth-name $tna_code" ]
            ] );
            if ( $userObj && !empty($userObj['email']) ) {
                $wp_user = get_user_by( 'email', $userObj['email'] );
                if ( $wp_user ) {
                    wp_set_current_user( $wp_user->ID );
                    wp_set_auth_cookie( $wp_user->ID );
                    do_action( 'wp_login', $wp_user->ID, $wp_user );
                }
            }
        }
    },0 );
tnAuth for VS Code Server
tnAuth can serve as VS Code Server external authentication proxy server. It requires Code to run behind a reverse proxy, Nginx for example, and a few additional configurations as below.
  1. Code config
    socket: /run/vscode.sock
    socket-mode: 0666
    auth: none
    cert: false
    ... # your other settings
  2. Nginx config
    server {
        ...
        location / {
            auth_request /auth;
            auth_request_set $auth_status $upstream_status;
            proxy_pass unix:/run/vscode.sock;
            ... # your other settings
        }
        location /auth {
            internal;
            proxy_pass  https://api.tinyray.com/auth[.pid]; # pid is optional
            proxy_set_header Authentication "Your-tnAuth-name";
            proxy_set_header Content-Length "";
            proxy_pass_request_body off;
        }
        location /login {
            proxy_pass  https://api.tinyray.com/auth[.pid]; # pid is optional
            proxy_set_header Host $host;
            proxy_set_header Authorization "Your-tnAuth-name";
            proxy_set_header X-Original-URI $request_uri;
        }
        error_page 401 /login;
    }
    You can now login Code using any social network account, Facebook for example, which uses the same email once used for tnAuth registration.
Advanced tnAuth
  • tnAuth upstream headers include $upstream_http_tnauth_{userid, username, email}
  • If Code config with auth:password then skip Code login form by adding to Nginx config:
    auth_request_set $auth_userid $upstream_http_tnauth_userid;
    set $auth_cookies "code-server-session=Your-ARGON2-Hashed-Password;Path=/";
    if ($auth_userid = false) { set $auth_cookies ""; }
    proxy_set_header Cookie $auth_cookies;
    location /logout { return 401; }
  • pid— is used in case of running multiple Code instances on the same host but different in port# or subpath; pid is then set to port#, or whatever number of your choice.
  • My Code server at lab.tinyray.com is an example.
Designed & Developed by Thanh Le
© 2024 TINYRAY