Skip to content

enum-gg/caddy-discord

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Caddy - Discord Discord

tl;dr: Authenticate caddy routes based on a Discord User Identity.
e.g. Accessing /really-cool-people requires user to have {Role} within {Guild}

This package contains a module allowing authorization in Caddy based on a Discord Identity, by using Discords OAuth2 flow (authorization code grant).


Licensed under GNU Affero General Public License v3.0
Logo by @AutonomousCat


Caddy Modules

caddydiscord
http.authentication.providers.discord
http.handler.discord

Docker (Container)

docker run -p 8080:8080 \
  --rm -v $PWD/Caddyfile:/etc/caddy/Caddyfile \
  enumgg/caddy-discord:v1.0.1

Discord Resources

realm allows you to name a label and group together specific targeted Discord Users by using the directives below.

Resource Description Example
User ID Discord User IDs (optionally with guild presence)
realm godmode {
user 314009111187026172 # Allow user regardless of which guild they are in
guild 1063070451111289907 {
user 314009111187026199 # Allow user if they're part of guild
}
}
Guild Any user that exists within the guild
realm cool_guild_users {
guild 1063070451111289907 {
* # Allows all users
}
}
Role Users that assigned a specific role within a guild
realm cool_role {
guild 1063070451111289907 {
role 106301111332755034
role 106301111332755034
}
}

Loosely inspired from caddy-security's Discord OAuth2 module, with a much stronger focus on coupling Discord and Caddy for authentication purposes.

Install

Download Latest Version

  1. Download caddy + caddy-discord
    • Using released binaries
    • Build yourself using xcaddy
      • xcaddy build --with github.com/enum-gg/caddy-discord
  2. Create Discord Application (Discord Developer Portal)
    • New Application
    • OAuth2
      • Obtain your Client ID & Client secret
      • Add Redirects Docs
  3. Prepare your Caddyfile
    • Gather your Discord App OAuth2 Client ID & Client Secret,
    • Decide your route for caddy-discords to use as the OAuth2

Caddyfile Example

{
    discord {
        client_id 1000000000000000000 # Discord app OAuth client ID 
        client_secret 8CEPZZZZZAfl_w19ZZZZW_k # Discord app OAuth secret
        redirect http://localhost:8080/discord/callback # Route you've configured with `discordauth callback`

        realm clique {
            guild 106307051119907 {
                role 10630111112755034
            }
        }
        
        realm just_for_me {
            user 31400111187026172
        }
    }
}

http://localhost:8080 {
    route /discord/callback {
         # Desigate route as OAuth callback endpoint
         discord callback 
   }

    route /discordians-only {
         # Only allow discord users that auth against 'really_cool_area' realm 
         protect using clique 
        
         respond "Hello {http.auth.user.username}!<br /><br /><img src='https://cdn.discordapp.com/avatars/{http.auth.user.id}/{http.auth.user.avatar}?size=4096.png'> "
    }

    respond "Hello, world!"
}

Building

xcaddy build --with github.com/enum-gg/caddy-discord=./