Casdoor Grafana has configured the redirect url, but when logging in, casdoor reports that the url of localhost is not in the redirect list，after add localhost to the redirect url list, it will jump to localhost, change localhost to domain of grafana, it is working , the database record is right

i follow the https://casdoor.org/docs/basic/server-installation for local dev .then i got this cors error.

my app.conf file content

appname = casdoor
httpport = 8000
runmode = dev
copyrequestbody = true
driverName = mysql
dataSourceName = root:a123456@tcp(127.0.0.1:3306)/
dbName = casdoor
tableNamePrefix =
showSql = true
redisEndpoint =
defaultStorageProvider = 
isCloudIntranet = false
authState = "casdoor"
socks5Proxy = "127.0.0.1:10082"
verificationCodeTimeout = 10
initScore = 2000
logPostOnly = false
origin = "http://localhost:7001"
staticBaseUrl = "https://cdn.casbin.org"
isDemoMode = false
batchSize = 100
ldapServerPort = 389
languages = en,zh,es,fr,de,ja,ko,ru
quota = {"organization": -1, "user": -1, "application": -1, "provider": -1}

Hello, everyone!

I am just a beginner with casdoor. I am trying to test a retrieve password, but received this error:

unknown authentication type (not password or provider), form = {
	"type": "login",
	"organization": "org",
	"username": "",
	"password": "",
	"name": "",
	"email": "",
	"phone": "",
	"affiliation": "",
	"idCard": "",
	"region": "",
	"application": "socbazar",
	"provider": "",
	"code": "38316",
	"state": "",
	"redirectUri": "",
	"method": "",
	"emailCode": "",
	"phoneCode": "",
	"phonePrefix": "7",
	"autoSignin": false,
	"relayState": "",
	"samlResponse": ""
}

The username is found and the email substituted in the form field, but they are not sent to the server. Email provider is configured and working.

What I am doing wrong?

These are some very minor changes, so no demos are provided.

Make Dockerfile more productive.

• Build all-in-one image:

docker build --target ALLINONE -t casbin/casdoor-all-in-one:latest .

• Build standard image:

docker build --target STANDARD -t casbin/casdoor:latest .

Solve the problem that the PermissionList page jumped abnormally when clicking the permission name in the list.

• Insert the owner into the url when jumping to the permissions details page.

Fix incorrect SignupApplication field value in initBuiltInUser.

• Wrong SignupApplication value causes exceptions in multiple functions for the first admin user, such as uploading avatars, user detail pages, etc.

The contents of the public key field are actually the contents of the certificate, not the public key.

Consider changing the name of the field to "certificate" or the contents of the field to the public key.

The Python SDK recently use the certificate to generate public key automaticly, but the PHP SDK still need to convert manually.

Hi all!

I have a small question on using sdk (golang).

After updating the user, how to get a token with these updates?

Steps:

1. Get token

token, err := auth.GetOAuthToken(code, state)

2. Parse JWT token

jwtClaims, err := auth.ParseJwtToken(token.AccessToken)

3. Change jwtClaims.User

4. Update user

ok, err := auth.UpdateUserForColumns(&jwtClaims.User, []string{"properties"})

5. How to get AccessToken string (JWT token) with an updated user?

Hello 👋

I'm using casdoor v1.103.0 with docker compose, and I want to pass the environment variables from the docs to the container.

Example:

version: '3.9'

services:
  casdoor:
    image: casbin/casdoor:${CASDOOR_IMAGE_VERSION}
    restart: 'no'
    entrypoint: /bin/sh -c './server --createDatabase=true'
    environment:
      RUNNING_IN_DOCKER: "true"
      APPNAME: ${CASDOOR_APP_NAME}
      HTTPPORT: ${CASDOOR_HTTP_PORT}
      RUNMODE: ${CASDOOR_RUN_MODE}
      SESSIONON: ${CASDOOR_SESSION_ON}
      COPYREQUESTBODY: ${CASDOOR_COPY_REQUEST_BODY}
      DRIVERNAME: ${DATABASE_HOST}
      DATASOURCENAME: ${DATABASE_USER}:${DATABASE_USER_PASSWORD}@tcp(${DATABASE_HOST}:${DATABASE_PORT})/
      DBNAME: ${DATABASE_NAME}
      TABLENAMEPREFIX: ${CASDOOR_TABLE_NAME_PREFIX}
      SHOWSQL: ${CASDOOR_SHOW_SQL}
      REDISENDPOINT: ${CASDOOR_REDIS_ENDPOINT}
      DEFAULTSTORAGEPROVIDER: ${CASDOOR_DEFAULT_STORAGE_PROVIDER}
      ISCLOUDINTRANET: ${CASDOOR_IS_CLOUD_INTRANET}
      AUTHSTATE: ${CASDOOR_AUTH_STATE}
      SOCKS5PROXY: ${CASDOOR_SOCKS5_PROXY}
      VERIFICATIONCODETIMEOUT: ${CASDOOR_VERIFICATION_CODE_TIMEOUT}
      INITSCORE: ${CASDOOR_INIT_SCORE}
      LOGPOSTONLY: ${CASDOOR_LOG_POST_ONLY}
      ORIGIN: ${CASDOOR_ORIGIN}
      STATICBASEURL: ${CASDOOR_STATIC_BASE_URL}
    depends_on:
      - mysql

It is possible to make this feature?

Thanks in advance.

in arm ，i use casdoor Administration is ok ，

but i use open_oidc sign with my app ，the front is blank

and the log is

2022/08/09 09:24:06.886 [D]  |   192.168.68.1| 200 |   1.252743ms| nomatch| GET      /login/oauth/authorize

i use the gitea example， The result is the same

Same parameter configuration in amd64 is ok

Here are two plugins can be used as references:

1. KeyCloak: https://apisix.apache.org/docs/apisix/plugins/authz-keycloak/
2. Casbin: https://apisix.apache.org/docs/apisix/plugins/authz-casbin

The new plugin auth-casdoor will be added by making PR to APISIX's repo like how it's done for authz-casbin: https://github.com/apache/apisix/pull/4710

We can choose to make a casdoor-lua-sdk first or not, based on how the developer decide it.

There is some existing work to connect APISIX with Casdoor via OIDC: https://github.com/casdoor/casdoor/issues?q=apisix , but plugin is a better and easier solution. So a plugin is also important as well.

Currently, Casdoor uses a home-made logging-in mechanism: https://github.com/casbin/casdoor/blob/master/controllers/account.go

It's not standard and it's unsafe, the password is transmitted over the network.

Finally, we will move to OAuth 2.0 + OIDC. It means that applications like Casbin OA (both JS client and Go backend) will talk to Casdoor via the OAuth 2.0 + OIDC protocols.

We can use: https://github.com/go-oauth2/oauth2 to implement our OAuth 2.0 + OIDC server-side.

The existing code:

• Casdoor JS client SDK: https://github.com/casbin/casbin-oa/tree/master/web/src/auth (currently for agile development, we put the code inside Casbin-OA, so we don't need to publish to NPM then import it in dependency file. In future, when the API is stablized, we will separate the Casdoor JS client code into a new repo and release to NPM)
• Casdoor Go SDK: not available yet, because currently Casbin-OA doesn't involve any server-side code to talk to Casdoor, only client does. This is NOT correct. So we will formulate a Go SDK in the Casbin-OA Go code.

Some reference about this topic: https://github.com/casbin/casdoor/issues/10

• env: docker with image casdoor-all-in-one
• OIDC Discovery shows that issuer and other endpoints are start with https not http, not config any tls for this environment and do not find any configuration to change https to http.
• when use OIDC, it always redirect to https, and it's not work.(http works perfectly)

I try to run casdoor with Makefile and tried also with docker-compose and get always same error:

casdoor-casdoor-1 exited with code 2 casdoor-casdoor-1 | panic: prefix should has path casdoor-casdoor-1 | casdoor-casdoor-1 | goroutine 1 [running]: casdoor-casdoor-1 | github.com/beego/beego.(*Tree).addtree(0x0, {0x2b42ae0, 0x174ef40, 0xc000a0e4e8}, 0x1, {0x0, 0x0, 0xc000a0e018}, {0x0, 0x0}) casdoor-casdoor-1 | /go/src/casdoor/vendor/github.com/beego/beego/tree.go:58 +0x1185 casdoor-casdoor-1 | github.com/beego/beego.(*Tree).AddTree(0x174ef40, {0x0, 0xc000040430}, 0x3) casdoor-casdoor-1 | /go/src/casdoor/vendor/github.com/beego/beego/tree.go:53 +0x54 casdoor-casdoor-1 | github.com/beego/beego.(*Namespace).Namespace(0xc0000ae828, {0xc00035b278, 0x1, 0x1}) casdoor-casdoor-1 | /go/src/casdoor/vendor/github.com/beego/beego/namespace.go:212 +0x205 casdoor-casdoor-1 | github.com/beego/beego.NSNamespace.func1(0x30) casdoor-casdoor-1 | /go/src/casdoor/vendor/github.com/beego/beego/namespace.go:387 +0x5a casdoor-casdoor-1 | github.com/beego/beego.NewNamespace({0x19eb591, 0x1}, {0xc00035bce0, 0x2, 0x1}) casdoor-casdoor-1 | /go/src/casdoor/vendor/github.com/beego/beego/namespace.go:42 +0x104 casdoor-casdoor-1 | github.com/casdoor/casdoor/routers.initAPI() casdoor-casdoor-1 | /go/src/casdoor/routers/router.go:33 +0x1a7 casdoor-casdoor-1 | github.com/casdoor/casdoor/routers.init.1() casdoor-casdoor-1 | /go/src/casdoor/routers/router.go:29 +0x17

close: #1141

1. For delete the specified user's session, we need to maintain a table that store the userId and all the sessionIds. When deleting the user by admin, Casdoor can get the sessionId by userId then destroy the session to implement the function.
2. Other effect, further study about single logout. For example, if we want to implement multiple device log out in the same time. We also need to maintain a table to store all sessionIds about this user. When user logout, we can get all sessionId of the user by query the table. Then destroy sessions to logout in multiple device.

In the registry, check the phone number needs to be registered after the alert binding, in actual use, Oauth registration and direct registration, did not achieve this function, registration completed directly into the home page

Should add all providers here: https://github.com/markbates/goth#supported-providers to Casdoor

Similar as one provider (Line): https://github.com/casdoor/casdoor/pull/1413