{"id":24764291,"url":"https://github.com/liut/staffio","last_synced_at":"2025-05-11T22:02:06.089Z","repository":{"id":35285528,"uuid":"39546454","full_name":"liut/staffio","owner":"liut","description":"An OAuth2 server that provides managed services for enterprise employees","archived":false,"fork":false,"pushed_at":"2025-04-28T07:44:37.000Z","size":6929,"stargazers_count":52,"open_issues_count":0,"forks_count":12,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-28T08:35:44.964Z","etag":null,"topics":["cas","employee-management","exmail","feishu","go-ldap","lark","ldap","oauth2","oauth2-provider","oauth2-server","sso","wechat"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/liut.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2015-07-23T04:54:33.000Z","updated_at":"2025-04-28T07:44:40.000Z","dependencies_parsed_at":"2024-01-04T12:23:37.300Z","dependency_job_id":"1725b07d-1c71-4a98-97fa-4ba8f7c712d0","html_url":"https://github.com/liut/staffio","commit_stats":null,"previous_names":[],"tags_count":44,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liut%2Fstaffio","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liut%2Fstaffio/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liut%2Fstaffio/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/liut%2Fstaffio/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/liut","download_url":"https://codeload.github.com/liut/staffio/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253639578,"owners_count":21940446,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cas","employee-management","exmail","feishu","go-ldap","lark","ldap","oauth2","oauth2-provider","oauth2-server","sso","wechat"],"created_at":"2025-01-28T21:47:19.174Z","updated_at":"2025-05-11T22:02:05.979Z","avatar_url":"https://github.com/liut.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Staffio\n\nAn OAuth2 server that provides managed services for enterprise employees.\n\n\n## Features:\n\n* Employee security information is stored in LDAP.\n* Login authentication service and general membership settings.\n* Reset password using email and mobile phone number.\n* Create edit and delete employees by special members.\n* Maintainable APP Client ID and Secret.\n* Simple content article and link management.\n* Generic OAuth2 authentication and authorization management.\n* Directly CAS implement for V1 and V2.\n\n\n## Objects\n\n### Staff\n- `uid`: Username, required\n- `cn`: Full Name\n- `gn`: FirstName\n- `sn`: LastName, required\n- `nickname`\n- `birthday`: YYYYmmdd\n- `gender`: f, m\n- `email`: Email\n- `mobile`: Cell phone number\n- `avatarPath`: Avatar URI\n- `description`:\n- `joinDate`: YYYYmmdd\n\n### Group\n- `name`:\n- `description`:\n- `members`: []uid\n\n### User (online)\n- uid: Username\n- name: DisplayName\n\n## APIs of oauth2\n\n### Authorize (browse page)\n\u003e GET | POST /authorize\n\n### Retrieve Token\n\u003e GET | POST /token\n\n### Get Info\n\u003e GET | POST /info/{topic}\n\n#### Info topic\n1. `me`: `{me: User}`\n2. `me+{groupName}`: `{me: User, group}`\n3. `grafana` or `generic`: `{struct for grafana}`\n\n### APIs of \u003cabbr title=\"Central Authentication Service\"\u003eCAS\u003c/abbr\u003e\n\n| URI | Description |\n| -------- | -------- |\n| `/login` | credential requestor / acceptor |\n| `/logout` | destroy CAS session (logout) |\n| `/validate` | service ticket validation |\n| `/serviceValidate` | service ticket validation [CAS 2.0] |\n| `/proxyValidate` **TODO** | service/proxy ticket validation [CAS 2.0] |\n| `/proxy` **TODO** | proxy ticket service [CAS 2.0] |\n| `/p3/serviceValidate` **TODO** | service ticket validation [CAS 3.0] |\n| `/p3/proxyValidate` **TODO** | service/proxy ticket validation [CAS 3.0] |\n\n\n## Quick start\n\n### Run all components as docker containers\n\n````sh\n\n# openldap\ndocker run --name staffio-ldap -p 389:389 -p 636:636 \\\n\t-e LDAP_ADMIN_PASSWORD=mypassword \\\n\t-d liut7/staffio-ldap:latest\n\n# postgresql\ndocker create --name staffio-db-data -v /var/lib/postgresql busybox:1 echo staffio db data\ndocker run --name staffio-db -p 54322:5432 \\\n\t-e DB_PASS=mypassword \\\n\t-e TZ=Hongkong \\\n\t--volumes-from=staffio-db-data \\\n\t-d liut7/staffio-db:latest\n\n# staffio main server\ndocker run --name staffio -p 3030:3030 \\\n\t-e STAFFIO_BACKEND_DSN='postgres://staffio:mypassword@staffio-db/staffio?sslmode=disable' \\\n\t-e STAFFIO_LDAP_HOSTS='ldap://slapd' \\\n\t-e STAFFIO_LDAP_BASE=\"dc=example,dc=org\" \\\n\t-e STAFFIO_LDAP_BIND_DN=\"cn=admin,dc=example,dc=org\" \\\n\t-e STAFFIO_LDAP_PASS='mypassword' \\\n\t--link staffio-db --link staffio-ldap:slapd \\\n\t-d liut7/staffio:latest web\n\n# create a user as first staff and adminstrator\ndocker exec staffio staffio addstaff -u eagle -p mysecret -n eagleliut --sn liut\ndocker exec staffio staffio group -g keeper -a eagle\n\n# now can open http://localhost:3030/ in browser\n\n# add a oauth2 client (optional)\ndocker exec staffio staffio client --add demo --uri http://localhost:3000\n\n# list clients\ndocker exec staffio staffio client --list\n\n## for testing database\necho \"CREATE DATABASE staffiotest WITH OWNER = staffio ENCODING = 'UTF8';\" | docker exec -i staffio-db psql -Upostgres\necho \"GRANT ALL PRIVILEGES ON DATABASE staffiotest to staffio;\" | docker exec -i staffio-db psql -Upostgres\n\n````\n\n\n## prepare development\n\n### checkout\n\n````sh\n\ngo get -u github.com/liut/staffio\ncp -n .env.example .env\n\n````\n\n### environment\n\n\u003e `cat .env.example`\n```\nSTAFFIO_HTTP_LISTEN=\":3000\"\nSTAFFIO_LDAP_HOSTS=slapd.hostname\nSTAFFIO_LDAP_BASE=\"dc=example,dc=org\"\nSTAFFIO_LDAP_BIND_DN=\"cn=admin,dc=example,dc=org\"\nSTAFFIO_LDAP_PASS=\"mypassword\"\nSTAFFIO_BACKEND_DSN=\"postgres://staffio:mypassword@localhost:54322/staffio?sslmode=disable\"\nSTAFFIO_PASSWORD_SECRET=\"mypasswordsecret\"\n```\n\n## launch development\n\n````sh\ngo get -u github.com/ddollar/forego\ngo get -u github.com/liut/rerun\nnpm install\n\nforego start\n````\n\n## deployment\n\n```sh\nmake dist package\nscp dist/linux_amd64/staffio remote:/opt/staffio/bin/\nmake fe-build\nrsync -rpt --delete templates htdocs remote:/opt/staffio/\n```\n\n### add staff\n```sh\nforego run ./staffio addstaff -u eric -p AF1984 -n George --sn Blair\n```\n\n## Plan\n\n* \u003cdel\u003ePeoples and groups sync with WxWork\u003c/del\u003e\n* \u003cdel\u003eSignin with WxWork\u003c/del\u003e\n* Notification\n* Export for backup\n* Batch import or restore from backup\n* I18n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fliut%2Fstaffio","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fliut%2Fstaffio","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fliut%2Fstaffio/lists"}