-
I am an application developer and I am integrating Casdoor as my primary authentication and authorization point at the moment. I am planning to lower the barrier of entry for people who want to self-host it as much as possible. My biggest problem is that I have no way to setup up everything that my application needs out of the box in Casdoor (#2606). Let's assume this is fixed and continue my thoughts. Now the application needs to know about the relevant Casdoor configuration.
Scripting all of this is trivial in any language and as such one can easily bootstrap this solution in a pre-defined environment. What is not so easy in my eyes is to ensure that the certificates stay valid over time and are refreshed without trouble for the people using the application. Is there a reliable way to make those secrets unique to every application instance and still perform a hands-free setup for self-hosting folks? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
@SchoolGuy can you list your specific questions in 1, 2, 3? |
Beta Was this translation helpful? Give feedback.
random.go
I learned that clientId and clientSecret are just random hexadecimal strings with 10 and 20. That can be also generated during first startup.