OAuth
wanderer supports authentication with a large list of OAuth2 providers:
- GitHub
- Apple
- Microsoft
- Yandex
- GitLab
- Bitbucket
- Gitee
- Gitea
- Discord
- Kakao
- VK
- Spotify
- Twitch
- Patreon (v2)
- Strava
- LiveChat
- mailcow
- OpenID Connect
To set up OAuth support you will need to access the PocketBase backend. Make sure to forward port 8090 of the wanderer-db container. Access the PocketBase admin panel in your browser at http://<your_pocketbase_url>:8090/_/ and create an admin account.
This step will vary wildly from provider to provider. Please refer to your provider's documentation for the specific steps.
No matter your provider, you will need a redirect URL. This redirect URL must have the following format: $ORIGIN/login/redirect. $ORIGIN refers to the ORIGIN environment variable that defines the public host at which your wanderer instance can be reached. So for the default installation, the redirect URL is http://localhost:3000/login/redirect.
In any case, once you have successfully created your OAuth app you will receive a Client ID and a Client Secret.
In the PocketBase admin panel navigate to Settings -> Auth providers. Click the gear icon next to your provider, fill in the Client ID and Client Secret from the step before and save your changes.
That's it! You should now see your OAuth provider appear in wanderer's login form. Click the button, authorize wanderer and wait for the authentication to finish. You are now logged in and can use wanderer like any other user.