## ldap_forwardauth

LDAP Forward Auth is a forward auth service (shocking) that i made to use with the caddy reverse proxy.

It allows a proxied login page to appear if a user tries to access restricted content while not logged in.

It uses LDAP for authentication, which can be configured in the conf/ldap/ldap.env file.

```
# the following is all the ldap credentials for a ldap bind dn auth setup
# this does not support ldap simple auth
LDAP_URL=
LDAP_BIND_DN=
LDAP_BIND_PASSWORD=
LDAP_BASE_DN=
LDAP_FILTER="(&)"
LDAP_UID="cn"

# the host that the forward auth is hosted at
# if the user is not logged in they will be redirected here
HTTP_HOST=auth.example.com

# the base domain for all websites that are being authed checked including the forward auth itself.
# they all need to have a common root domain otherwise the X-LDAP-Auth-Key cookie cannot be set.
COOKIE_DOMAIN=example.com
```

Once authenticated, sets the X-Webauth-User header, which can be used by applications to see who is logged in.

### how to run

'''
docker compose up -d
'''