Hi,
I want to setup a self-hosted instance for a closed group of users. My current solution would be to hide it behind Basic-Auth but allowed users can still create random Accounts. Therefore I need an user administration, meaning only the admin can manage the users
- create new users; this can include the social-auth methods (e.g. confirm account).
- delete users
- block users (only disable login)
- no guest mode (#237)
Optional features could be
- custom names (independent of email-address/social-name) (#268)
- user management with LDAP / PAM (#93)
- store social-credentials in LDAP (Network, Username, ...)
- use login credentials from Basic-Auth
Joe136
All 13 comments
PR welcome 馃槃
jackycute
on 10 Dec 2016
I would be very happy about the ability to run hackmd self-hosted and private. I don't want everyone to be able to register and use hackmd on my server. Keep up the good work!
Braintelligence
on 9 Jan 2017
@Braintelligence: I agree. At the very least there should be a simple admin UI -- with ability to list all entries and most important of all: a toggle for enabling/disabling a registration feature (eg, an option to enable/disable feature such as registration, where we could have "Registration Required" for private or "Open Registration" for public).
k0nsl
on 14 Apr 2017
I agree, an option for disabling registration would be really useful.
zeigerpuppy
on 17 Jun 2017
@zeigerpuppy, there is already a option to disable the registration: HMD_ALLOW_EMAIL_REGISTER
Simply set it to false.
SISheogorath
on 17 Jun 2017
I have another idea:
Couldn't there be a setting ENFORCE_EMAIL_DOMAIN=test.local which allows only mail addresses of this domain to register?
rriemann
on 26 Nov 2017
@rriemann's proposal would probably solve most corporate-self-hosted use cases.
ccoenen
on 26 Nov 2017
Should be easy to manage. You can add an option for that here:
And of course in the config directory:
https://github.com/hackmdio/hackmd/tree/master/lib/config
PRs are welcome 馃槃
SISheogorath
on 26 Nov 2017
I think this is really do-able. Unfortunately, I am still stack with getting SSL to work and have to dig into that first. So I hope someone else may be able to step up to solve this already in 2017.
rriemann
on 26 Nov 2017
I just want to add some information to this issue:
Thanks to @nebukadneza's work it's now possible to basically manage email users.
Also it's possible to use an LDAP and SAML backend if you like. From my perspective LDAP or SAML are the better way for closed group setups, since they are stable and actually made for this, while the "local user" feature still feels half-backed and HackMD not designed for it.
We also introduced the possibility to disable the creation of notes by guests while keeping the ability to edit notes, which is maybe useful for these closed group setup when people like to share the pad with some 3rd party.
I want to mention, that HackMD EE has already added and entire user management.
CE will also get one but it probably needs some time, as everything is build during our free time and actually from my side it doesn't have such a focus on it as I disabled all local user management for HackMD on my instances.
Help is really wanted for this, so feel free to discuss, draft and file a PR for it!
SISheogorath
on 1 Feb 2018
i took the liberty of correcting a tiny but critical typo in your message, @SISheogorath ("not possible" -> "now possible")
ccoenen
on 1 Feb 2018
馃憤 Thanks, this was an important fix! I should maybe re-read my texts one more time ^^
SISheogorath
on 1 Feb 2018
Hello, Everyone, I have supported allowedDomains for google OAuth
Please check this out and let me know how should I handle the case where some other domain is trying to login. Right now I'm just displaying a string Domain not allowed
ref: https://github.com/jaswanth098/codimd/pull/1
jaswanth098
on 25 Nov 2019
Related issues
mxmo0rhuhn
路
3Comments
yaxu
路
4Comments
almereyda
路
4Comments
mxmilkiib
路
3Comments
arnisoph
路
5Comments