How to add SMTP as authentication source


#1

Important Notes

  • This post is based on Gogs 0.8.57.0304.

Besides local type account, Gogs also supports three more types of authentication sources: LDAP, SMTP and PAM.

In this tutorial, we’re going to use SMTP as our example to allow any user to login Gogs whoever has a valid SMTP account. To add an authentication source, you must be site admin of your Gogs instance.

1. Create new source

Go to Admin Panel -> Authentications -> Add New Source (/admin/auths/new), then choose SMTP for Authentication Type:

For a quick demonstration, we’re going to use Gmail as our SMTP server backend, which means anyone who has a Gmail account, can login to the Gogs instance. So we put Gmail as our Authentication Name (name does not really matter, just for you to distinguish between multiple sources):

For the SMTP Authentication Type, we just remain default PLAIN. You can choose LOGIN if your SMTP server requires so.

Then you fill in SMTP server information about Gmail like so:

Notes:

  • Allowed Domains is used to restrict email address that has the specific suffix(es). For example, gmail.com will only allow the user who has email address xxx@gmail.com to log in; the user who has xxx@my.gmail.com can’t do so.
  • Skip TLS Verify should be enabled when you have self-signed certificates, but Gmail does not, so we leave it unchecked.

Click button Add New Source, you should see a new item on the authentication source list:

2. Log in via Gmail

Now, log out your current site admin account, and use a Gmail account to log in (SMTP will create new user if this email address has not been used):

If everything goes well, you should be redirected to your dashboard, and you can get following info on your settings page:

The part before @gmail.com will become your username automatically, and you cannot change it since it’s not a local type account.

Congratulations!

If later you want this account to be a local type, you can go to Admin Panel -> Users and find this account, then you can choose its account type to become local or any other available authentication source.


:speech_balloon: Please leave comments if you have any questions or concerns about this post.


#2

I followed the instructions but it always tells me that username or password is wrong…

If I switch a user to use the authentication source and then log in with the original username and the password of the authentication source, it works. (However, if I use Authentication Login Name to log in, it doesn’t work, that’s not expected behaviour I guess…)

But

This is not happening


#3

@fr0der1c can you file a formal issue on GitHub with more details?