99 lines
2.7 KiB
Markdown
99 lines
2.7 KiB
Markdown
---
|
|
title: Writefreely
|
|
---
|
|
|
|
<span class="badge badge--secondary">Support level: Community</span>
|
|
|
|
## What is Writefreely
|
|
|
|
> An open source platform for building a writing space on the web.
|
|
>
|
|
> -- https://writefreely.org/
|
|
|
|
:::caution
|
|
Currently it is not possible to connect writefreely to authentik without making an adjustment in the database. See [here](https://github.com/writefreely/writefreely/issues/516) and [Writefreely Setup](https://goauthentik.io/integrations/services/writefreely/#writefreely-setup)
|
|
:::
|
|
|
|
## Preparation
|
|
|
|
The following placeholders will be used:
|
|
|
|
- `writefreely.company` is the FQDN of the writefreely install.
|
|
- `authentik.company` is the FQDN of the authentik install.
|
|
|
|
## authentik Configuration
|
|
|
|
### Step 1 - OAuth2/OpenID Provider
|
|
|
|
Create a OAuth2/OpenID Provider (under _Applications/Providers_) with these settings:
|
|
|
|
- Name: writefreely
|
|
- Redirect URI: `https://writefreely.company/oauth/callback/generic`
|
|
|
|
### Step 3 - Application
|
|
|
|
Create an application (under _Resources/Applications_) with these settings:
|
|
|
|
- Name: Writefreely
|
|
- Slug: writefreely
|
|
- Provider: writefreely
|
|
|
|
## Writefreely Setup
|
|
|
|
### Database
|
|
|
|
Currently the column `access_token` is configured too small, so it needs to be adjusted
|
|
|
|
```
|
|
ALTER TABLE `oauth_users` MODIFY `access_token` varchar(2048);
|
|
```
|
|
|
|
### Configuration
|
|
|
|
Configure Writefreely settings by editing the `config.ini` and add the following:
|
|
|
|
So that new users can be created the following variable must be set to true
|
|
|
|
```
|
|
open_registration = false
|
|
```
|
|
|
|
To disable the local login/registration use the following setting (this is useful because writefreely attracts a lot of spam)
|
|
|
|
```
|
|
disable_password_auth = false
|
|
```
|
|
|
|
The following settings must be made for oauth
|
|
|
|
```
|
|
[oauth.generic]
|
|
client_id = <Client ID>
|
|
client_secret = <Client Secret>
|
|
host = https://authentik.company
|
|
display_name = authentik
|
|
callback_proxy =
|
|
callback_proxy_api =
|
|
token_endpoint = /application/o/token/
|
|
inspect_endpoint = /application/o/userinfo/
|
|
auth_endpoint = /application/o/authorize/
|
|
scope = openid profile email
|
|
allow_disconnect = false
|
|
map_user_id = sub
|
|
map_username = nickname
|
|
map_display_name = name
|
|
map_email = email
|
|
```
|
|
|
|
Restart writefreely.service
|
|
|
|
## Account linking
|
|
|
|
If your usernames in authentik and WriteFreely are different, you might need to link your accounts before being able to use SSO.
|
|
|
|
To link the accounts, first log into Writefreely with local credentials, and then navigate to **Customize -->Account Settings**. In the option "Linked Accounts", click on "authentik".
|
|
|
|
## Additional Resources
|
|
|
|
- https://writefreely.org/docs/latest/admin/config
|