!!!!! Very Important Security bug
PrzemekSkw opened this issue · comments
I have that app on my vpn server and everyone who login with github account can enter my panel and change my wireguard configs.
Regards
this is how oauth2 oidc works, not sure there is a way to limit users
So it's become public server?
Bad news to Low spec vps and limited bw.
Yes, I use nginx-proxy, but I don't think it's true that @vx3r says:
this is how oauth2 oidc works, not sure there is a way to limit users
There has to be way to secure that. That will be useless.
regards.
i suggest using nginx basic auth or a oauth server you control (self hosted gitlab for example)