knadh/listmonk
1
1
Fork 0
mirror of https://github.com/knadh/listmonk.git synced 2025-11-08 08:41:34 +08:00
Code Issues Projects Releases Packages Wiki Activity

Add support for OIDC user auto-creation (#2578)

Browse source 
This patch adds 3 new options to OIDC settings.

Toggle user auto-creation, and select default user/list roles
for auto-created users.

Co-authored-by: Kailash Nadh <kailash@nadh.in>
This commit is contained in:
Vivek R 2025-07-20 16:11:45 +05:30 committed by GitHub
parent 66d7413bfb
commit c9c678c04f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
45 changed files with 366 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

47
cmd/auth.go
View file

@ -158,11 +158,22 @@ func (a *App) OIDCFinish(c echo.Context) error {
return a.renderLoginPage(c, err)
}
email = strings.ToLower(em.Address)
claims.Email = email
// Get the user by e-mail received from OIDC.
user, err := a.core.GetUser(0, "", email)
if err != nil {
return a.renderLoginPage(c, err)
user, userErr := a.core.GetUser(0, "", email)
if userErr != nil {
// If the user doesn't exist, and auto-creation is enabled, create a new user.
if httpErr, ok := userErr.(*echo.HTTPError); ok && httpErr.Code == http.StatusNotFound && a.cfg.Security.OIDC.AutoCreateUsers {
u, err := a.createOIDCUser(claims, c)
if err != nil {
return a.renderLoginPage(c, err)
}
user = u
userErr = nil
} else {
return a.renderLoginPage(c, userErr)
}
}
// Update the user login state (avatar, logged in date) in the DB.
@ -279,6 +290,36 @@ func (a *App) renderLoginSetupPage(c echo.Context, loginErr error) error {
return c.Render(http.StatusOK, "admin-login-setup", out)
}
// createOIDCUser creates a new user in the DB with the OIDC claims.
func (a *App) createOIDCUser(claims auth.OIDCclaim, c echo.Context) (auth.User, error) {
name := claims.Name
if name == "" {
name = strings.TrimSpace(claims.PreferredUsername)
}
if name == "" {
name = strings.Split(claims.Email, "@")[0]
}
var listRoleID *int
if a.cfg.Security.OIDC.DefaultListRoleID > 0 {
listRoleID = &a.cfg.Security.OIDC.DefaultListRoleID
}
user, err := a.core.CreateUser(auth.User{
Type: auth.UserTypeUser,
HasPassword: false,
PasswordLogin: false,
Username: claims.Email,
Name: name,
Email: null.NewString(claims.Email, true),
UserRoleID: a.cfg.Security.OIDC.DefaultUserRoleID,
ListRoleID: listRoleID,
Status: auth.UserStatusEnabled,
})
return user, err
}
// doLogin logs a user in with a username and password.
func (a *App) doLogin(c echo.Context) error {
var (

26
cmd/init.go
View file

@ -96,11 +96,14 @@ type Config struct {
} `koanf:"privacy"`
Security struct {
OIDC struct {
Enabled bool `koanf:"enabled"`
ProviderURL string `koanf:"provider_url"`
ProviderName string `koanf:"provider_name"`
ClientID string `koanf:"client_id"`
ClientSecret string `koanf:"client_secret"`
Enabled bool `koanf:"enabled"`
ProviderURL string `koanf:"provider_url"`
ProviderName string `koanf:"provider_name"`
ClientID string `koanf:"client_id"`
ClientSecret string `koanf:"client_secret"`
AutoCreateUsers bool `koanf:"auto_create_users"`
DefaultUserRoleID int `koanf:"default_user_role_id"`
DefaultListRoleID int `koanf:"default_list_role_id"`
} `koanf:"oidc"`
EnableCaptcha bool `koanf:"enable_captcha"`
@ -1004,11 +1007,14 @@ func initAuth(co *core.Core, db *sql.DB, ko *koanf.Koanf) (bool, *auth.Auth) {
// If OIDC is enabled, set up the OIDC config.
if ko.Bool("security.oidc.enabled") {
oidcCfg = auth.OIDCConfig{
Enabled: true,
ProviderURL: ko.String("security.oidc.provider_url"),
ClientID: ko.String("security.oidc.client_id"),
ClientSecret: ko.String("security.oidc.client_secret"),
RedirectURL: fmt.Sprintf("%s/auth/oidc", strings.TrimRight(ko.String("app.root_url"), "/")),
Enabled: true,
ProviderURL: ko.String("security.oidc.provider_url"),
ClientID: ko.String("security.oidc.client_id"),
ClientSecret: ko.String("security.oidc.client_secret"),
AutoCreateUsers: ko.Bool("security.oidc.auto_create_users"),
DefaultUserRoleID: ko.Int("security.oidc.default_user_role_id"),
DefaultListRoleID: ko.Int("security.oidc.default_list_role_id"),
RedirectURL: fmt.Sprintf("%s/auth/oidc", strings.TrimRight(ko.String("app.root_url"), "/")),
}
}

9
cmd/settings.go
View file

@ -17,6 +17,7 @@ import (
"github.com/knadh/koanf/parsers/json"
"github.com/knadh/koanf/providers/rawbytes"
"github.com/knadh/koanf/v2"
"github.com/knadh/listmonk/internal/auth"
"github.com/knadh/listmonk/internal/messenger/email"
"github.com/knadh/listmonk/internal/notifs"
"github.com/knadh/listmonk/models"
@ -226,6 +227,14 @@ func (a *App) UpdateSettings(c echo.Context) error {
set.OIDC.ClientSecret = cur.OIDC.ClientSecret
}
// OIDC user auto-creation is enabled. Validate.
if set.OIDC.AutoCreateUsers {
if set.OIDC.DefaultUserRoleID.Int < auth.SuperAdminRoleID {
return echo.NewHTTPError(http.StatusBadRequest,
a.i18n.Ts("globals.messages.invalidFields", "name", a.i18n.T("settings.security.OIDCDefaultRole")))
}
}
for n, v := range set.UploadExtensions {
set.UploadExtensions[n] = strings.ToLower(strings.TrimPrefix(strings.TrimSpace(v), "."))
}

1
cmd/upgrade.go
View file

@ -41,6 +41,7 @@ var migList = []migFunc{
{"v4.0.0", migrations.V4_0_0},
{"v4.1.0", migrations.V4_1_0},
{"v5.0.0", migrations.V5_0_0},
{"v5.1.0", migrations.V5_1_0},
}
// upgrade upgrades the database to the current version by running SQL migration files

9
docs/docs/content/oidc.md
View file

@ -3,9 +3,8 @@
Listmonk supports single sign-on with OIDC (OpenID Connect). Any standards compliant OIDC provider can be configured in Settings -> Security -> OIDC
!!! note "Automatic user creation"
There is no support for automatic user creation via OIDC currently. The Super Admin must create users prior in Admin -> Users with the same e-mail address that is expected from the OIDC provider per user.
### User auto-creation
If `Settings -> Security -> OIDC -> Auto-create users` is turned on, when users login via OIDC, an account is auto-created if an existing account is not found (based on the OIDC e-mail ID).
# Tutorials
@ -41,6 +40,8 @@ After the client creation steps above, go to the client's `Credentials` tab and
- **Provider name**: Set a name to show on the listmonk login form, eg: `Login with OrgName`
- **Client ID**: Client ID set in Keycloak, eg: `listmonk`
- **Client Secret**: Client Secret copied from Keycloak
- **Auto-create users from SSO**: (Optional) Enable to automatically create users who don't exist
- **Default user role**: (Required if auto-create enabled) Select role for new users
@ -75,3 +76,5 @@ In listmonk Admin → Settings → Security → OIDC:
- **Provider Name**: Set a name to show on the login form (e.g., `Login with OrgName`)
- **Client ID**: Client ID set in Authentik (e.g., `listmonk`)
- **Client Secret**: Client Secret copied from Authentik
- **Auto-create users from SSO**: (Optional) Enable to automatically create users who don't exist
- **Default user role**: (Required if auto-create enabled) Select role for new users

66
frontend/src/views/settings/security.vue
View file

@ -31,16 +31,59 @@
</div>
</div>
<b-field :label="$t('settings.security.OIDCClientID')" label-position="on-border">
<b-input v-model="data['security.oidc']['client_id']" name="oidc.client_id" ref="client_id"
:disabled="!data['security.oidc']['enabled']" :maxlength="200" required />
</b-field>
<div class="columns">
<div class="column is-6">
<b-field :label="$t('settings.security.OIDCClientID')" label-position="on-border">
<b-input v-model="data['security.oidc']['client_id']" name="oidc.client_id" ref="client_id"
:disabled="!data['security.oidc']['enabled']" :maxlength="200" required />
</b-field>
</div>
<b-field :label="$t('settings.security.OIDCClientSecret')" label-position="on-border">
<b-input v-model="data['security.oidc']['client_secret']" name="oidc.client_secret" type="password"
:disabled="!data['security.oidc']['enabled']" :maxlength="200" required />
</b-field>
<div class="column is-6">
<b-field :label="$t('settings.security.OIDCClientSecret')" label-position="on-border">
<b-input v-model="data['security.oidc']['client_secret']" name="oidc.client_secret" type="password"
:disabled="!data['security.oidc']['enabled']" :maxlength="200" required />
</b-field>
</div>
</div>
<hr />
<div class="columns">
<div class="column is-4">
<b-field :label="$t('settings.security.OIDCAutoCreateUsers')"
:message="$t('settings.security.OIDCAutoCreateUsersHelp')">
<b-switch v-model="data['security.oidc']['auto_create_users']"
:disabled="!data['security.oidc']['enabled']" name="oidc.auto_create_users" />
</b-field>
</div>
<div class="column is-4">
<b-field :label="$t('settings.security.OIDCDefaultUserRole')" label-position="on-border"
:message="$t('settings.security.OIDCDefaultRoleHelp')">
<b-select v-model="data['security.oidc']['default_user_role_id']"
:disabled="!data['security.oidc']['enabled'] || !data['security.oidc']['auto_create_users']"
name="oidc.default_user_role_id" expanded>
<option v-for="role in userRoles" :key="role.id" :value="role.id">
{{ role.name }}
</option>
</b-select>
</b-field>
</div>
<div class="column is-4">
<b-field :label="$t('settings.security.OIDCDefaultListRole')" label-position="on-border"
:message="$t('settings.security.OIDCDefaultRoleHelp')">
<b-select v-model="data['security.oidc']['default_list_role_id']"
:disabled="!data['security.oidc']['enabled'] || !data['security.oidc']['auto_create_users']"
name="oidc.default_list_role_id" expanded>
<option :value="null">&mdash; {{ $t("globals.terms.none") }} &mdash;</option>
<option v-for="role in listRoles" :key="role.id" :value="role.id">
{{ role.name }}
</option>
</b-select>
</b-field>
</div>
</div>
<hr />
<b-field :label="$t('settings.security.OIDCRedirectURL')">
<code><copy-text :text="`${serverConfig.root_url}/auth/oidc`" /></code>
</b-field>
@ -97,7 +140,7 @@ export default Vue.extend({
},
computed: {
...mapState(['serverConfig']),
...mapState(['serverConfig', 'userRoles', 'listRoles']),
version() {
return import.meta.env.VUE_APP_VERSION;
@ -116,7 +159,10 @@ export default Vue.extend({
}
},
},
mounted() {
this.$api.getUserRoles();
this.$api.getListRoles();
},
methods: {
setProvider(provider) {
this.$set(this.data['security.oidc'], 'provider_url', OIDC_PROVIDERS[provider]);

5
i18n/bg.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Записване на IP адреса на opt-in",
"settings.privacy.recordOptinIPHelp": "Записване на IP адреса на двойния opt-in в атрибутите на абоната.",
"settings.restart": "Рестартиране",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID на клиент",
"settings.security.OIDCClientSecret": "Клиентска тайна",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Активиране на OpenID Connect OAuth2 вход чрез OAuth доставчик.",
"settings.security.OIDCName": "Име на доставчика",
"settings.security.OIDCRedirectURL": "URL за пренасочване за oAuth доставчик",

5
i18n/ca.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Registra l'adreça IP de l'opt-in",
"settings.privacy.recordOptinIPHelp": "Registra l'adreça IP dels opt-ins dobles en els atributs del subscrit.",
"settings.restart": "Reinicia",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID del client",
"settings.security.OIDCClientSecret": "Secret del client",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Activa l'inici de sessió OAuth2 OpenID Connect a través d'un proveïdor OAuth.",
"settings.security.OIDCName": "Nom del proveïdor",
"settings.security.OIDCRedirectURL": "URL de redirecció per al proveïdor OAuth",

5
i18n/cs-cz.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Zaznamenávat IP adresy pro opt-in",
"settings.privacy.recordOptinIPHelp": "Zaznamenávat IP adresy pro dvojí opt-in v atributu odběratele.",
"settings.restart": "Restartovat",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID klienta",
"settings.security.OIDCClientSecret": "Tajný klíč klienta",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Povolit přihlášení OpenID Connect OAuth2 pomocí poskytovatele OAuth.",
"settings.security.OIDCName": "Název poskytovatele",
"settings.security.OIDCRedirectURL": "URL přesměrování pro poskytovatele oAuth",

5
i18n/cy.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Cofnodi cyfeiriad IP dewis mewn",
"settings.privacy.recordOptinIPHelp": "Cofnodi cyfeiriad IP ar bwyntio dwbl yn manylion tanysgrifiwr.",
"settings.restart": "Ailgychwyn",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID Cleient",
"settings.security.OIDCClientSecret": "Cyfrinach Cleient",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Galluogi mewngofnodi OAuth2 Connect OpenID Connect drwy ddarparwr OAuth.",
"settings.security.OIDCName": "Enw'r darparwr",
"settings.security.OIDCRedirectURL": "URL ailgyfeirio ar gyfer darparwr oAuth",

5
i18n/da.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Optag opt-in IP-adresse",
"settings.privacy.recordOptinIPHelp": "Optag IP-adressen for dobbelt opt-ins i abonnentattributter.",
"settings.restart": "Genstart",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Klient-ID",
"settings.security.OIDCClientSecret": "Klient-hemmelighed",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Aktivér OpenID Connect OAuth2-login via en OAuth-udbyder.",
"settings.security.OIDCName": "Provider name",
"settings.security.OIDCRedirectURL": "Redirect-URL til OAuth-udbyder",

5
i18n/de.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Opt-in-IP-Adresse protokollieren",
"settings.privacy.recordOptinIPHelp": "Protokollieren Sie die IP-Adresse der doppelten Einwilligung in den Abonnentenattributen.",
"settings.restart": "Neustarten",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Client-ID",
"settings.security.OIDCClientSecret": "Client Secret",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Aktivieren Sie die Anmeldung über OpenID Connect OAuth2 über einen OAuth-Anbieter.",
"settings.security.OIDCName": "Anbietername",
"settings.security.OIDCRedirectURL": "Redirect-URL für oAuth-Anbieter",

5
i18n/el.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Καταγραφή διεύθυνσης IP με τη συγκατάθεση",
"settings.privacy.recordOptinIPHelp": "Καταγράψτε τη διεύθυνση IP της διπλής συγκατάθεσης στα χαρακτηριστικά των συνδρομητών.",
"settings.restart": "Επανεκίννηση",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Ταυτοποίηση πελάτη",
"settings.security.OIDCClientSecret": "Μυστικό πελάτη",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Ενεργοποίηση σύνδεσης OAuth2 OpenID Connect μέσω ενός παροχέα OAuth.",
"settings.security.OIDCName": "Όνομα παρόχου",
"settings.security.OIDCRedirectURL": "URL ανακατεύθυνσης για τον πάροχο oAuth",

5
i18n/en.json
View file

@ -531,6 +531,11 @@
"settings.security.OIDCURL": "Provider URL",
"settings.security.OIDCName": "Provider name",
"settings.security.OIDCWarning": "When OIDC is enabled, default password login is disabled. Invalid config can lock you out.",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.captchaKey": "hCaptcha.com SiteKey",
"settings.security.captchaKeyHelp": "Visit www.hcaptcha.com to obtain the key and secret.",
"settings.security.captchaSecret": "hCaptcha.com secret",

5
i18n/eo.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Registra l'adreça IP de l'opt-in",
"settings.privacy.recordOptinIPHelp": "Registra l'adreça IP dels opt-ins dobles en els atributs del subscrit.",
"settings.restart": "Reinicia",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Klient-ID",
"settings.security.OIDCClientSecret": "Klient-sekreto",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Ebligi OpeID Connect OAuth2 ensaluton per OAuth provizanto.",
"settings.security.OIDCName": "Nomo de provizanto",
"settings.security.OIDCRedirectURL": "URL for redirektado de oAuth provizanto",

5
i18n/es.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Grabar dirección IP de inscripción",
"settings.privacy.recordOptinIPHelp": "Registrar la dirección IP de doble inscripción en los atributos del suscriptor.",
"settings.restart": "Reiniciar",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID del cliente",
"settings.security.OIDCClientSecret": "Secreto del cliente",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Habilita el inicio de sesión OAuth2 de OpenID Connect mediante un proveedor de OAuth.",
"settings.security.OIDCName": "Nombre del proveedor",
"settings.security.OIDCRedirectURL": "URL de redirección para el proveedor de OAuth",

5
i18n/fi.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Kirjaa tilauksen IP-osoite",
"settings.privacy.recordOptinIPHelp": "Kirjaa varmennetun tilaajan IP-osoite tilaajan attribuutteihin.",
"settings.restart": "Käynnistä uudelleen",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Asiakas-ID",
"settings.security.OIDCClientSecret": "Asiakasavain",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Salli OpenID Connect OAuth2 -sisäänkirjautuminen OAuth-toimittajan kautta.",
"settings.security.OIDCName": "Tarjoajan nimi",
"settings.security.OIDCRedirectURL": "Ohjaus URL oAuth-toimittajalle",

5
i18n/fr-CA.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Enregistrer l'adresse IP d'inscription",
"settings.privacy.recordOptinIPHelp": "Enregistre l'adresse IP des double opt-ins dans les attributs des abonnés.",
"settings.restart": "Redémarrer",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID client",
"settings.security.OIDCClientSecret": "Secret client",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Activer l'authentification OpenID Connect OAuth2 via un fournisseur OAuth.",
"settings.security.OIDCName": "Provider name",
"settings.security.OIDCRedirectURL": "URL de redirection pour le fournisseur oAuth",

5
i18n/fr.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Enregistrer l'adresse IP d'inscription",
"settings.privacy.recordOptinIPHelp": "Enregistre l'adresse IP des double opt-ins dans les attributs des abonnés.",
"settings.restart": "Redémarrer",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID client",
"settings.security.OIDCClientSecret": "Secret client",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Activer la connexion OIDC via un fournisseur OAuth2.",
"settings.security.OIDCName": "Provider name",
"settings.security.OIDCRedirectURL": "URL de redirection pour le fournisseur oAuth",

5
i18n/he.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "תצורת דין רישום IP הפעילה",
"settings.privacy.recordOptinIPHelp": "תיחום כתובת ה־IP של רישום הפעילה החזקה במאפייני המנוי.",
"settings.restart": "הפעלה מחדש",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "זהות לקוח (Client ID)",
"settings.security.OIDCClientSecret": "סוד לקוח (Client secret)",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "הפעלת התחברות OpenID Connect OAuth2 דרך ספק OAuth.",
"settings.security.OIDCName": "שם הספק",
"settings.security.OIDCRedirectURL": "כתובת URL למפנה של ספק ה- oAuth",

5
i18n/hu.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "IP-cím rögzítésére feliratkozás",
"settings.privacy.recordOptinIPHelp": "Az előfizető attribútumainak feljegyzésekor rögzítse a dupla opt-in IP címét.",
"settings.restart": "Újraindítás",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Ügyfél-azonosító",
"settings.security.OIDCClientSecret": "Ügyfél titka",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Engedélyezze az OpenID Connect OAuth2 bejelentkezést egy OAuth-szolgáltatón keresztül.",
"settings.security.OIDCName": "Szolgáltató neve",
"settings.security.OIDCRedirectURL": "URL-cím átirányítása az oAuth-szolgáltatóhoz",

5
i18n/it.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Registra l'indirizzo IP di consenso",
"settings.privacy.recordOptinIPHelp": "Registra l'indirizzo IP dei double opt-in negli attributi dell'iscritto.",
"settings.restart": "Riavviare",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID client",
"settings.security.OIDCClientSecret": "Segreto client",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Abilita l'accesso OAuth2 con OpenID Connect OAuth2 tramite un provider OAuth.",
"settings.security.OIDCName": "Nome provider",
"settings.security.OIDCRedirectURL": "URL di reindirizzamento per il provider oAuth",

5
i18n/jp.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "オプトインIPアドレスを記録する",
"settings.privacy.recordOptinIPHelp": "購読者属性にダブルオプトインのIPアドレスを記録します。",
"settings.restart": "再起動",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "クライアントID",
"settings.security.OIDCClientSecret": "クライアントシークレット",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "OAuthプロバイダを介したOpenID Connect OAuth2ログインを有効にします。",
"settings.security.OIDCName": "プロバイダー名",
"settings.security.OIDCRedirectURL": "oAuthプロバイダのリダイレクトURL",

25
i18n/ko.json
View file

@ -29,9 +29,9 @@
"campaigns.cantUpdate": "진행 중이거나 완료된 캠페인은 수정할 수 없습니다.",
"campaigns.clicks": "클릭",
"campaigns.confirmDelete": "{name} 삭제",
"campaigns.confirmOverwriteContent": "이 작업은 모든 내용을 덮어씁니다. 계속하시겠습니까?",
"campaigns.confirmSchedule": "이 캠페인은 예약된 날짜와 시간에 자동으로 시작됩니다. 지금 예약할까요?",
"campaigns.confirmSwitchFormat": "내용의 서식이 깨질 수 있습니다. 계속하시겠습니까?",
"campaigns.confirmOverwriteContent": "이 작업은 모든 내용을 덮어씁니다. 계속하시겠습니까?",
"campaigns.content": "콘텐츠",
"campaigns.contentHelp": "여기에 콘텐츠 입력",
"campaigns.continue": "계속",
@ -47,9 +47,11 @@
"campaigns.fieldInvalidName": "이름의 길이가 잘못되었습니다.",
"campaigns.fieldInvalidSendAt": "예약 날짜는 미래여야 합니다.",
"campaigns.fieldInvalidSubject": "제목의 길이가 잘못되었습니다.",
"campaigns.format": "서식",
"campaigns.formatHTML": "HTML 서식화",
"campaigns.fromAddress": "발신자 주소",
"campaigns.fromAddressPlaceholder": "이름 <noreply@yoursite.com>",
"campaigns.importVisualTemplate": "비주얼 템플릿 가져오기",
"campaigns.invalid": "잘못된 캠페인",
"campaigns.invalidCustomHeaders": "잘못된 커스텀 헤더: {error}",
"campaigns.markdown": "마크다운",
@ -74,9 +76,6 @@
"campaigns.rawHTML": "원본 HTML",
"campaigns.removeAltText": "대체 일반 텍스트 메시지 제거",
"campaigns.richText": "리치 텍스트",
"campaigns.importVisualTemplate": "비주얼 템플릿 가져오기",
"campaigns.visual": "비주얼",
"campaigns.format": "서식",
"campaigns.schedule": "캠페인 예약",
"campaigns.scheduled": "예약됨",
"campaigns.send": "발송",
@ -104,6 +103,7 @@
"campaigns.trackLink": "링크 추적",
"campaigns.unSchedule": "예약 해제",
"campaigns.views": "조회수",
"campaigns.visual": "비주얼",
"dashboard.campaignViews": "캠페인 조회수",
"dashboard.linkClicks": "링크 클릭수",
"dashboard.messagesSent": "발송된 메시지",
@ -222,6 +222,7 @@
"globals.terms.dashboard": "대시보드",
"globals.terms.day": "일",
"globals.terms.hour": "시간",
"globals.terms.import": "가져오기",
"globals.terms.list": "리스트",
"globals.terms.lists": "리스트",
"globals.terms.media": "미디어",
@ -229,8 +230,8 @@
"globals.terms.messengers": "메신저",
"globals.terms.minute": "분",
"globals.terms.month": "월",
"globals.terms.none": "없음",
"globals.terms.new": "새로",
"globals.terms.none": "없음",
"globals.terms.second": "초",
"globals.terms.settings": "설정",
"globals.terms.subscriber": "구독자",
@ -244,7 +245,6 @@
"globals.terms.user": "사용자",
"globals.terms.users": "사용자",
"globals.terms.year": "년",
"globals.terms.import": "가져오기",
"import.alreadyRunning": "가져오기가 이미 실행 중입니다. 완료되거나 중지될 때까지 기다렸다가 다시 시도하세요.",
"import.blocklist": "차단 목록",
"import.csvDelim": "CSV 구분자",
@ -511,10 +511,10 @@
"settings.privacy.allowPrefsHelp": "구독자가 이름, 다중 리스트 구독 등 환경설정을 변경할 수 있도록 허용",
"settings.privacy.allowWipe": "데이터 삭제 허용",
"settings.privacy.allowWipeHelp": "구독자가 본인 및 모든 구독 데이터를 영구적으로 삭제할 수 있도록 허용. 캠페인 조회/클릭 기록도 삭제되나 통계에는 영향 없음.",
"settings.privacy.domainBlocklist": "도메인 차단 목록",
"settings.privacy.domainAllowlist": "도메인 허용 목록",
"settings.privacy.domainBlocklistHelp": "이 도메인의 이메일 주소는 구독할 수 없습니다. 한 줄에 하나씩 입력. 예: example.com",
"settings.privacy.domainAllowlistHelp": "이 도메인의 이메일 주소만 구독할 수 있습니다. 한 줄에 하나씩 입력. 예: example.com, *.example.com",
"settings.privacy.domainBlocklist": "도메인 차단 목록",
"settings.privacy.domainBlocklistHelp": "이 도메인의 이메일 주소는 구독할 수 없습니다. 한 줄에 하나씩 입력. 예: example.com",
"settings.privacy.individualSubTracking": "개별 구독자 추적",
"settings.privacy.individualSubTrackingHelp": "구독자별 캠페인 조회 및 클릭을 추적합니다. 비활성화 시 개별 구독자와 연결되지 않은 채로 추적됩니다.",
"settings.privacy.listUnsubHeader": "`List-Unsubscribe` 헤더 포함",
@ -523,13 +523,18 @@
"settings.privacy.recordOptinIP": "옵트인 IP 기록",
"settings.privacy.recordOptinIPHelp": "더블 옵트인 시 구독자 속성에 IP 주소를 기록합니다.",
"settings.restart": "재시작",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "클라이언트 ID",
"settings.security.OIDCClientSecret": "클라이언트 시크릿",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "OAuth 제공자를 통한 OpenID Connect OAuth2 로그인을 활성화합니다.",
"settings.security.OIDCName": "제공자 이름",
"settings.security.OIDCRedirectURL": "OAuth 제공자 리디렉션 URL",
"settings.security.OIDCRedirectWarning": "프로덕션 URL이 아닌 것 같습니다. '일반' 설정에서 루트 URL을 변경하세요.",
"settings.security.OIDCURL": "제공자 URL",
"settings.security.OIDCName": "제공자 이름",
"settings.security.OIDCWarning": "OIDC가 활성화되면 기본 비밀번호 로그인이 비활성화됩니다. 잘못된 설정 시 접근이 불가할 수 있습니다.",
"settings.security.captchaKey": "hCaptcha.com 사이트키",
"settings.security.captchaKeyHelp": "www.hcaptcha.com에서 키와 시크릿을 발급받으세요.",
@ -651,4 +656,4 @@
"users.userRoles": "사용자 역할",
"users.username": "사용자명",
"users.usernameHelp": "비밀번호 로그인에 사용됩니다."
}
}

5
i18n/ml.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "ഓപ്റ്റ്-ഇന്‍ IP വിലാസം രേഖപ്പെടുത്തൂ",
"settings.privacy.recordOptinIPHelp": "ഡബിള്‍ ഓപ്റ്റ് ഇന്‍സ് സബ്സ്ക്രൈബറുടെ വിവരഗണനയിലേക്ക് IP വിലാസം രേഖപ്പെടുത്തൂ.",
"settings.restart": "പുനരാരംഭിയ്ക്കുക",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ക്ലയന്റ് ഐഡി",
"settings.security.OIDCClientSecret": "ക്ലയന്റ് സീക്രട്ട്",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "ഒപ്പെന്‍ഐഡി കണക്റ്റ് ഓഴോത്ത്_2 ലോഗിന്‍ ഒഎആത്വര്‍ഗ്ഗത്തിന് ഒഎഓപി പ്രേഷകനമാക്കുക.",
"settings.security.OIDCName": "പ്രൊവൈഡർ പേര്",
"settings.security.OIDCRedirectURL": "ഓഓആത്വര്‍ഗ്ഗത്തിലേക്കായ മാലിന്റ്ആര്‍ട്ടിയിലേക്ക് തിരിയുക",

7
i18n/nl.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Opt-in IP-adres registreren",
"settings.privacy.recordOptinIPHelp": "IP-adres van dubbele opt-ins registreren bij abonnee-attributen.",
"settings.restart": "Herstarten",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Client ID",
"settings.security.OIDCClientSecret": "Clientgeheim",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Schakel inloggen via OpenID Connect OAuth2 in via een OAuth-provider.",
"settings.security.OIDCName": "Provider naam",
"settings.security.OIDCRedirectURL": "Redirect-URL voor oAuth-provider",
@ -651,4 +656,4 @@
"users.userRoles": "Gebruikersrollen",
"users.username": "Gebruikersnaam",
"users.usernameHelp": "Wordt gebruikt voor inloggen met een wachtwoord"
}
}

5
i18n/no.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Registrer opt-in IP-adresse",
"settings.privacy.recordOptinIPHelp": "Registrer IP-adressen for dobbelt opt-ins i abonnentattributtene.",
"settings.restart": "Start på nytt",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Klient-ID",
"settings.security.OIDCClientSecret": "Klienthemmelighet",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Aktiver OpenID Connect OAuth2-pålogging via en OAuth-leverandør.",
"settings.security.OIDCName": "Leverandørnavn",
"settings.security.OIDCRedirectURL": "Omdirigerings-URL for OAuth-leverandør",

5
i18n/pl.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Zapisz adres IP zgody na otrzymywanie",
"settings.privacy.recordOptinIPHelp": "Zapisz adres IP podwójnej zgody na otrzymywanie w atrybutach subskrybenta.",
"settings.restart": "Uruchom ponownie",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID klienta",
"settings.security.OIDCClientSecret": "Sekret klienta",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Włącz logowanie OAuth2 za pomocą OpenID Connect OAuth2 za pomocą dostawcy OAuth.",
"settings.security.OIDCName": "Nazwa dostawcy",
"settings.security.OIDCRedirectURL": "URL przekierowania dla dostawcy oAuth",

5
i18n/pt-BR.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Registrar endereço IP de aceitação",
"settings.privacy.recordOptinIPHelp": "Registrar o endereço IP de aceitação dupla nas atributos do assinante.",
"settings.restart": "Reiniciar",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID do cliente",
"settings.security.OIDCClientSecret": "Segredo do cliente",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Permite o login OpenID Connect OAuth2 através de um provedor OAuth.",
"settings.security.OIDCName": "Nome do provedor",
"settings.security.OIDCRedirectURL": "URL de redirecionamento para o provedor oAuth",

5
i18n/pt.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Registrar endereço de IP de opt-in",
"settings.privacy.recordOptinIPHelp": "Registrar o endereço IP de opt-ins duplos nos atributos do assinante.",
"settings.restart": "Reiniciar",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID do Cliente",
"settings.security.OIDCClientSecret": "Segredo do Cliente",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Habilitar login OAuth2 do OpenID Connect via um fornecedor OAuth.",
"settings.security.OIDCName": "Nome do provedor",
"settings.security.OIDCRedirectURL": "URL de redirecionamento para o provedor de oAuth",

5
i18n/ro.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Înregistrare adresă IP de opt-in",
"settings.privacy.recordOptinIPHelp": "Înregistrați adresa IP a confirmărilor duble în atributele abonaților.",
"settings.restart": "Repornește",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID client",
"settings.security.OIDCClientSecret": "Secret client",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Activează autentificarea OpenID Connect OAuth2 prin intermediul unui furnizor OAuth.",
"settings.security.OIDCName": "Numele furnizorului",
"settings.security.OIDCRedirectURL": "URL de redirecționare pentru furnizorul oAuth",

5
i18n/ru.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Записывать IP-адрес подтверждения подписки",
"settings.privacy.recordOptinIPHelp": "Записывать IP-адрес двойных подтверждений в атрибуты подписчика.",
"settings.restart": "Перезапустить",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID клиента",
"settings.security.OIDCClientSecret": "Секрет клиента",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Включить вход через OpenID Connect OAuth2 через провайдера OAuth.",
"settings.security.OIDCName": "Имя провайдера",
"settings.security.OIDCRedirectURL": "URL перенаправления для провайдера OAuth",

5
i18n/se.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Registrera opt-in-IP-adress",
"settings.privacy.recordOptinIPHelp": "Registrera IP-adress för dubbelopt-in i prenumerationars attribut.",
"settings.restart": "Starta om",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Klient-ID",
"settings.security.OIDCClientSecret": "Klienthemlighet",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Aktivera inloggning med OpenID Connect OAuth2 via en OAuth-leverantör.",
"settings.security.OIDCName": "Leverantörsnamn",
"settings.security.OIDCRedirectURL": "URL för omdirigering för oAuth-leverantör",

5
i18n/sk.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Zaznamenávať IP adresu opt-in",
"settings.privacy.recordOptinIPHelp": "Zaznamenávať IP adresu pri dvojitej opt-in v atribútoch odberateľov.",
"settings.restart": "Restarť",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID klienta",
"settings.security.OIDCClientSecret": "Heslo klienta",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Povoľuje prihlásenie sa pomocou OpenID Connect OAuth2 cez poskytovateľa OAuth.",
"settings.security.OIDCName": "Názov poskytovateľa",
"settings.security.OIDCRedirectURL": "Presmerovacia URL adresa pre poskytovateľa oAuth",

5
i18n/sl.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Zabeleži IP naslov za privolitev",
"settings.privacy.recordOptinIPHelp": "Zabeleži naslov IP dvojne privolitve v atribute naročnika.",
"settings.restart": "Ponovni zagon",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "ID odjemalca",
"settings.security.OIDCClientSecret": "Skrivnost odjemalca",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Omogoči prijavo preko OpenID Connect OAuth2 prek ponudnika OAuth.",
"settings.security.OIDCName": "Ime ponudnika",
"settings.security.OIDCRedirectURL": "Preusmeritveni URL za ponudnika oAuth",

5
i18n/tr.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Opt-in IP adresini kaydet",
"settings.privacy.recordOptinIPHelp": "Çift onay aboneliklerinin IP adreslerini abone özelliklerinde kaydedin.",
"settings.restart": "Yeniden başlat",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "İstemci Kimliği",
"settings.security.OIDCClientSecret": "İstemci Sırrı",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Bir OAuth sağlayıcı aracılığıyla OpenID Connect OAuth2 girişini etkinleştirin.",
"settings.security.OIDCName": "Sağlayıcı adı",
"settings.security.OIDCRedirectURL": "OAuth sağlayıcı için Yönlendirme URL'si",

5
i18n/uk.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Записувати IP-адресу згоди",
"settings.privacy.recordOptinIPHelp": "Додавати в атрибути підписни_ці IP-адресу подвійної згоди.",
"settings.restart": "Перезапустити",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Ідентифікатор клієнта",
"settings.security.OIDCClientSecret": "Секрет клієнта",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Увімкнути вхід OpenID Connect OAuth2 через постачальника обслуговування OAuth.",
"settings.security.OIDCName": "Назва провайдера",
"settings.security.OIDCRedirectURL": "URL перенаправлення для постачальника oAuth",

5
i18n/vi.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "Ghi lại IP đăng ký",
"settings.privacy.recordOptinIPHelp": "Ghi lại địa chỉ IP của đăng ký kép vào thuộc tính của người đăng ký.",
"settings.restart": "Khởi động lại",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "Mã client ID",
"settings.security.OIDCClientSecret": "Mã client secret",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "Bật đăng nhập OpenID Connect OAuth2 thông qua một nhà cung cấp OAuth.",
"settings.security.OIDCName": "Tên nhà cung cấp",
"settings.security.OIDCRedirectURL": "URL chuyển hướng cho nhà cung cấp oAuth",

5
i18n/zh-CN.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "记录开通IP地址",
"settings.privacy.recordOptinIPHelp": "在订阅者属性中记录双选订阅的IP地址。",
"settings.restart": "重新开始",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "客户端ID",
"settings.security.OIDCClientSecret": "客户端密钥",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "通过OAuth提供程序启用OpenID Connect OAuth2登录。",
"settings.security.OIDCName": "Provider name",
"settings.security.OIDCRedirectURL": "oAuth提供程序的重定向URL",

5
i18n/zh-TW.json
View file

@ -523,8 +523,13 @@
"settings.privacy.recordOptinIP": "記錄訂閱同意的 IP 位址",
"settings.privacy.recordOptinIPHelp": "在訂閱者屬性中記錄 double opt-ins 的 IP 位址。",
"settings.restart": "重新開始",
"settings.security.OIDCAutoCreateUsers": "Auto-create users",
"settings.security.OIDCAutoCreateUsersHelp": "Automatically create user on first login if the account doesn't exist.",
"settings.security.OIDCClientID": "用戶端ID",
"settings.security.OIDCClientSecret": "用戶端密鑰",
"settings.security.OIDCDefaultListRole": "Default list role",
"settings.security.OIDCDefaultRoleHelp": "Default role assigned to users auto-created from OIDC.",
"settings.security.OIDCDefaultUserRole": "Default user role",
"settings.security.OIDCHelp": "啟用 OpenID Connect OAuth2 登入,透過 OAuth 提供者。",
"settings.security.OIDCName": "提供者名稱",
"settings.security.OIDCRedirectURL": "oAuth 提供者的重新導向網址",

25
internal/auth/auth.go
View file

@ -21,18 +21,23 @@ import (
)
type OIDCclaim struct {
Email string `json:"email"`
EmailVerified bool `json:"email_verified"`
Sub string `json:"sub"`
Picture string `json:"picture"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified"`
Sub string `json:"sub"`
Picture string `json:"picture"`
Name string `json:"name"`
PreferredUsername string `json:"preferred_username"`
}
type OIDCConfig struct {
Enabled bool `json:"enabled"`
ProviderURL string `json:"provider_url"`
RedirectURL string `json:"redirect_url"`
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
Enabled bool `json:"enabled"`
ProviderURL string `json:"provider_url"`
RedirectURL string `json:"redirect_url"`
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
AutoCreateUsers bool `json:"auto_create_users"`
DefaultUserRoleID int `json:"default_user_role_id"`
DefaultListRoleID int `json:"default_list_role_id"`
}
type BasicAuthConfig struct {
@ -331,7 +336,7 @@ func (o *Auth) validateSession(c echo.Context) (*simplesessions.Session, User, e
userID, err := o.sessStore.Int(vars["user_id"], nil)
if err != nil || userID < 1 {
o.log.Printf("error fetching session user ID: %v", err)
return nil, User{}, echo.NewHTTPError(http.StatusInternalServerError, err.Error())
return nil, User{}, echo.NewHTTPError(http.StatusInternalServerError, "invalid session.")
}
// Fetch user details from the database.

5
internal/core/users.go
View file

@ -27,7 +27,7 @@ func (c *Core) GetUser(id int, username, email string) (auth.User, error) {
var out auth.User
if err := c.q.GetUser.Get(&out, id, username, email); err != nil {
if err == sql.ErrNoRows {
return out, echo.NewHTTPError(http.StatusInternalServerError,
return out, echo.NewHTTPError(http.StatusNotFound,
c.i18n.Ts("globals.messages.notFound", "name", "{globals.terms.user}"))
}
@ -141,8 +141,7 @@ func (c *Core) LoginUser(username, password string) (auth.User, error) {
var out auth.User
if err := c.q.LoginUser.Get(&out, username, password); err != nil {
if err == sql.ErrNoRows {
return out, echo.NewHTTPError(http.StatusForbidden,
c.i18n.T("users.invalidLogin"))
return out, echo.NewHTTPError(http.StatusForbidden, c.i18n.T("users.invalidLogin"))
}
return out, echo.NewHTTPError(http.StatusInternalServerError,

25
internal/migrations/v5.1.0.go Normal file
View file

@ -0,0 +1,25 @@
package migrations
import (
"log"
"github.com/jmoiron/sqlx"
"github.com/knadh/koanf/v2"
"github.com/knadh/stuffbin"
)
func V5_1_0(db *sqlx.DB, fs stuffbin.FileSystem, ko *koanf.Koanf, lo *log.Logger) error {
// Update OIDC settings to include auto_create_users and default_user_role_id fields if not present
_, err := db.Exec(`
UPDATE settings
SET value = value::JSONB
|| CASE WHEN NOT (value::JSONB ? 'auto_create_users') THEN '{"auto_create_users": false}'::JSONB ELSE '{}'::JSONB END
|| CASE WHEN NOT (value::JSONB ? 'default_user_role_id') THEN '{"default_user_role_id": null}'::JSONB ELSE '{}'::JSONB END
|| CASE WHEN NOT (value::JSONB ? 'default_list_role_id') THEN '{"default_list_role_id": null}'::JSONB ELSE '{}'::JSONB END
WHERE key = 'security.oidc';
`)
if err != nil {
return err
}
return nil
}

15
models/settings.go
View file

@ -1,5 +1,7 @@
package models
import "gopkg.in/volatiletech/null.v6"
// Settings represents the app settings stored in the DB.
type Settings struct {
AppSiteName string `json:"app.site_name"`
@ -42,11 +44,14 @@ type Settings struct {
SecurityCaptchaSecret string `json:"security.captcha_secret"`
OIDC struct {
Enabled bool `json:"enabled"`
ProviderURL string `json:"provider_url"`
ProviderName string `json:"provider_name"`
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
Enabled bool `json:"enabled"`
ProviderURL string `json:"provider_url"`
ProviderName string `json:"provider_name"`
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
AutoCreateUsers bool `json:"auto_create_users"`
DefaultUserRoleID null.Int `json:"default_user_role_id"`
DefaultListRoleID null.Int `json:"default_list_role_id"`
} `json:"security.oidc"`
UploadProvider string `json:"upload.provider"`

2
schema.sql
View file

@ -256,7 +256,7 @@ INSERT INTO settings (key, value) VALUES
('security.enable_captcha', 'false'),
('security.captcha_key', '""'),
('security.captcha_secret', '""'),
('security.oidc', '{"enabled": false, "provider_url": "", "provider_name": "", "client_id": "", "client_secret": ""}'),
('security.oidc', '{"enabled": false, "provider_url": "", "provider_name": "", "client_id": "", "client_secret": "", "auto_create_users": false, "default_user_role_id": null, "default_list_role_id": null}'),
('upload.provider', '"filesystem"'),
('upload.max_file_size', '5000'),
('upload.extensions', '["jpg","jpeg","png","gif","svg","*"]'),