Giter Site home page Giter Site logo

Comments (4)

kolaente avatar kolaente commented on June 2, 2024

what i've observed is this, and i've reproduced it a few times now to check too

start order is important for the 'log in with authentik' button to appear

if i start vikunja without authentik / traefik then the button disappears and never will be visible

if i start authentik / traefik and then start vikunja then the button appears

This is by design. Vikunja will try to reach the auth provider when the first request to the /api/v1/info endpoint is made, usually when you open Vikunja in the browser. I would not host Vikunja and Authentik in the same docker compose stack to make that work.

Where exactly is the slash missing in the docs? The actual url used is inferred from the .well-known response from the provider.

from vikunja.

mrpops2ko avatar mrpops2ko commented on June 2, 2024

what i've observed is this, and i've reproduced it a few times now to check too
start order is important for the 'log in with authentik' button to appear
if i start vikunja without authentik / traefik then the button disappears and never will be visible
if i start authentik / traefik and then start vikunja then the button appears

This is by design. Vikunja will try to reach the auth provider when the first request to the /api/v1/info endpoint is made, usually when you open Vikunja in the browser. I would not host Vikunja and Authentik in the same docker compose stack to make that work.

Where exactly is the slash missing in the docs? The actual url used is inferred from the .well-known response from the provider.

what is the logic of the design? for example i have vikunja and authentik in separate docker compose stacks (traefik and authentik are in the same stack) and if i need to take traefik down to add some new network or make a modification, then vikunja will be up and unable to reach the endpoint so it will just never present authentik SSO

https://gyazo.com/52bee35cd51e586e771a3988b422a648.png trailing slash here

from vikunja.

kolaente avatar kolaente commented on June 2, 2024

what is the logic of the design? for example i have vikunja and authentik in separate docker compose stacks (traefik and authentik are in the same stack) and if i need to take traefik down to add some new network or make a modification, then vikunja will be up and unable to reach the endpoint so it will just never present authentik SSO

It's mostly to speed things up and do not hit the auth endpoint for discovery all the time. Usually this is not a problem as auth providers are somewhat critical and thus need to be up constantly.

If Vikunja was able to see the auth provider and cached the provider, and you restart Traefik only, Vikunja will still have the entry in cache and not "forget" it.

from vikunja.

mrpops2ko avatar mrpops2ko commented on June 2, 2024

what is the logic of the design? for example i have vikunja and authentik in separate docker compose stacks (traefik and authentik are in the same stack) and if i need to take traefik down to add some new network or make a modification, then vikunja will be up and unable to reach the endpoint so it will just never present authentik SSO

It's mostly to speed things up and do not hit the auth endpoint for discovery all the time. Usually this is not a problem as auth providers are somewhat critical and thus need to be up constantly.

If Vikunja was able to see the auth provider and cached the provider, and you restart Traefik only, Vikunja will still have the entry in cache and not "forget" it.

alright thank you, well i can only hope that you will reconsider this design decision because on some levels it makes no sense.

if we were to add up the cumulative cost, across every single vikunja user hitting some endpoint that was down, once every say 30 seconds i'm sure the cumulative cost across the span of a year is less than $5

the amount of wasted cpu cycles, extra 'load' and all the rest is so virtually low that if we were to graph it out it'd be so statistically insignificant that it'd be questionable if it was real

we are literally talking about loading what is likely a traefik 404 page if its a self hosted auth is down and repeating that every 30 seconds or whatever arbitary retry mechanism value, which im sure nobody is losing sleep over or could ever quantify into meaningful monetary loss or wasted performance

from vikunja.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.