Support token/api-based logins for LDAP enabled instances #228
Description
Checklist
- I checked, but didn't find any duplicates (open OR closed) of this issue in the repo.
- This issue contains only one feature request. I will open one issue for every feature I want to request.
What feature do you want?
@coxde regarding API keys, I have two issues with them:
- It requires new UI, the first iteration just re-used NC login flow. Supporting tokens is doable but not high-prio
- People are terrible at typing long strings of gibberish on mobile. Password managers are optimized for login + password too, so I don't see much added value or usability (quite the opposite, actually)
Tokens are revocable though, so it might be better for security, but the app is open source which offers decent proofs of the fact that it doesn't leak credentials to third parties. To summarize, I just don't see much value in switching to tokens, but I'm not against this option either
Originally posted by @bubelov in #76 (comment)
I agree with your points here but if you've setup your instance to authorize through LDAP backend where you will not not have a password you won't be able to login entirely.
I don't know if miniflux (the backend) supports authentication through the browser or not but that also comes to mind as a potential support I've seen in other software for login.
Why do you want this feature?
I want to login to the miniflux instance as simple as that :)