initial

2025-12-22 14:47:25 -05:00
parent d4e859f9a7
commit 00e9eb8986
81 changed files with 13933 additions and 0 deletions
--- a/backend/auth/init.py
+++ b/backend/auth/init.py
@@ -0,0 +1,25 @@
+from authlib.integrations.flask_client import OAuth
+
+oauth = OAuth()
+
+
+def init_oauth(app):
+    """Initialize OAuth/OIDC client"""
+    oauth.init_app(app)
+
+    # Only register Authelia provider if OIDC_ISSUER is configured
+    if app.config.get('OIDC_ISSUER'):
+        oauth.register(
+            name='authelia',
+            client_id=app.config['OIDC_CLIENT_ID'],
+            client_secret=app.config['OIDC_CLIENT_SECRET'],
+            server_metadata_url=app.config['OIDC_ISSUER'] + '/.well-known/openid-configuration',
+            client_kwargs={
+                'scope': 'openid email profile',
+                'token_endpoint_auth_method': 'client_secret_basic'
+            }
+        )
+    else:
+        app.logger.warning('OIDC_ISSUER not configured - OAuth authentication disabled')
+
+    return oauth