Access to Seafile user's data with custom token

michal777 · October 8, 2020, 3:55pm

Hi Guys,

We operate microservice backend serving our app. We are considering Seafile for file sync. I can’t find solution to following problem in Seafile documentation:

We deploy Seafile in our cloud. It would be behind our edge proxy that authorizes users.
When we create user in our platform, we will create his account in seafile server with the same user_id.
When user logs in – he gets authentication token (it encodes his username).

In order to have seamless UX, we need Seafile frontend respect our authentication token.
How to achieve it? What is the format of the token that Seafile will respect and find the users data?

Is it possilble to disable Seafile authentication and somehow use token to transport his username?
Is it possible to piggyback on OAuth mechanism, but still seamlessly redirect user to our hosted Seafile without any new user/pass inputs?

Please give me some hints or point to relevant documentation.

daniel.pan · October 9, 2020, 2:26am

Is it possilble to disable Seafile authentication and somehow use token to transport his username?

I’m sorry we don’t have such a feature yet.

michal777 · October 9, 2020, 6:47am

@daniel.pan Thanks for following up!

I read more of your documentation and I found this “remote_user.md” (can’t paste whole link in this forum)

Do you have bigger example how to use it? Is there definition of HTTP_REMOTE_USER or HTTP_X_AUTH_USER? Maybe I will construct them on the fly from our native token?

daniel.pan · October 9, 2020, 1:19pm

According to the manual, you can specify which header to be read as a user’s email. You have to make sure only your server can set and pass this header to Seafile for security.

michal777 · October 9, 2020, 2:26pm

excellent, I will try that. Thank you!