What does HackerNews think of traefik-forward-auth?

Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy

Language: Go

#29 in Kubernetes
Show HN: Obligator – An OpenID Connect server for self-hosters | Oct 2023
I'm using https://github.com/thomseddon/traefik-forward-auth for my selfhosted ? is it better in term of security, thanks.
Tell HN: Upgrade your Metabase installation | Jul 2023
Expand Context ↕
You can also setup some reverse proxies to auth with SSO like Google. I use Traefik + https://github.com/thomseddon/traefik-forward-auth for personal projects, even on my local network.
Traefik, Now With Native Go Plugins | Sep 2020
Expand Context ↕
Like this but a plugin? https://github.com/thomseddon/traefik-forward-auth
Show HN: BuzzFeed open source SSO | Aug 2018
We took a slightly different approach to solving a similar problem: https://github.com/thomseddon/traefik-forward-auth

We were already using traefik as a proxy for our docker/swarm clusters and this is a single container drop in to add authentication to every traefik request.

It's still missing a few key features but it can get you started, we're testing the use of a single auth domain (so you don't have to add every internal service domain as a refirect_uri in Google - looks similar to how sso works) internally and we expect to release this shortly once finished.

Additionally, if you want an even lighter weight option, we also use, with great success, cloudflare's lua script on a few services we don't run with docker/traefik: https://github.com/cloudflare/nginx-google-oauth