Tools/Notes
1
0
Fork 0
mirror of https://github.com/TriliumNext/Notes.git synced 2025-07-27 18:12:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2249 from TriliumNext/odic

Browse Source 
MFA docs improve
This commit is contained in:
Elian Doran 2025-06-11 22:08:21 +03:00 committed by GitHub
commit 65b7c2d82f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
18 changed files with 67 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/client/src/translations/cn/translation.json
View File

@ -1333,7 +1333,7 @@
"recovery_keys_used": "已使用: {{date}}",
"recovery_keys_unused": "恢复代码 {{index}} 未使用",
"oauth_title": "OAuth/OpenID 认证",
"oauth_description": "OpenID 是一种标准化方式,允许您使用其他服务(如 Google的账户登录网站,以验证您的身份。请参阅这些 <a href=\"https://developers.google.com/identity/openid-connect/openid-connect\">指南</a> 通过 Google 设置 OpenID 服务。",
"oauth_description": "OpenID 是一种标准化方式,允许您使用其他服务(如 Google的账号登录网站来验证您的身份。默认的身份提供者是 Google但您可以更改为任何其他 OpenID 提供者。点击<a href=\"#root/_hidden/_help/_help_Otzi9La2YAUX/_help_WOcw2SLH6tbX/_help_7DAiwaf8Z7Rz\">这里</a>了解更多信息。请参阅这些 <a href=\"https://developers.google.com/identity/openid-connect/openid-connect\">指南</a> 通过 Google 设置 OpenID 服务。",
"oauth_description_warning": "要启用 OAuth/OpenID您需要设置 config.ini 文件中的 OAuth/OpenID 基础 URL、客户端 ID 和客户端密钥,并重新启动应用程序。如果要从环境变量设置,请设置 TRILIUM_OAUTH_BASE_URL、TRILIUM_OAUTH_CLIENT_ID 和 TRILIUM_OAUTH_CLIENT_SECRET 环境变量。",
"oauth_missing_vars": "缺少以下设置项: {{missingVars}}",
"oauth_user_account": "用户账号:",

2
apps/client/src/translations/en/translation.json
View File

@ -1493,7 +1493,7 @@
"recovery_keys_used": "Used: {{date}}",
"recovery_keys_unused": "Recovery code {{index}} is unused",
"oauth_title": "OAuth/OpenID",
"oauth_description": "OpenID is a standardized way to let you log into websites using an account from another service, like Google, to verify your identity. Follow these <a href=\"https://developers.google.com/identity/openid-connect/openid-connect\">instructions</a> to setup an OpenID service through Google.",
"oauth_description": "OpenID is a standardized way to let you log into websites using an account from another service, like Google, to verify your identity. The default issuer is Google, but you can change it to any other OpenID provider. Check <a href=\"#root/_hidden/_help/_help_Otzi9La2YAUX/_help_WOcw2SLH6tbX/_help_7DAiwaf8Z7Rz\">here</a> for more information. Follow these <a href=\"https://developers.google.com/identity/openid-connect/openid-connect\">instructions</a> to setup an OpenID service through Google.",
"oauth_description_warning": "To enable OAuth/OpenID, you need to set the OAuth/OpenID base URL, client ID and client secret in the config.ini file and restart the application. If you want to set from environment variables, please set TRILIUM_OAUTH_BASE_URL, TRILIUM_OAUTH_CLIENT_ID and TRILIUM_OAUTH_CLIENT_SECRET.",
"oauth_missing_vars": "Missing settings: {{variables}}",
"oauth_user_account": "User Account: ",

2
apps/client/src/widgets/type_widgets/content_widget.ts
View File

@ -45,7 +45,7 @@ import { t } from "../../services/i18n.js";
import LanguageOptions from "./options/i18n/language.js";
import type BasicWidget from "../basic_widget.js";
import CodeTheme from "./options/code_notes/code_theme.js";
import RelatedSettings from "./options/related_settings.js";
import RelatedSettings from "./options/appearance/related_settings.js";
const TPL = /*html*/`<div class="note-detail-content-widget note-detail-printable">
<style>

5
apps/client/src/widgets/type_widgets/options/related_settings.ts → apps/client/src/widgets/type_widgets/options/appearance/related_settings.ts
View File

@ -1,6 +1,5 @@
import type FNote from "../../../entities/fnote";
import type { OptionPages } from "../content_widget";
import OptionsWidget from "./options_widget";
import type { OptionPages } from "../../content_widget";
import OptionsWidget from "../options_widget";
const TPL = `\
<div class="options-section">

2
apps/server/src/assets/doc_notes/en/User Guide/!!!meta.json generated vendored
View File

File diff suppressed because one or more lines are too long

2
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation.html generated vendored
View File

@ -46,7 +46,7 @@
variable to something larger than the integer <code>250</code> (e.g. <code>450</code> in
the following example):</p><pre><code class="language-text-x-trilium-auto">export MAX_ALLOWED_FILE_SIZE_MB=450</code></pre>
<h3>Disabling Authentication</h3>
<p>See&nbsp;<a class="reference-link" href="#root/pOsGYCXsbNQG/Otzi9La2YAUX/_help_0hzsNCP31IAB">Authentication</a>.</p>
<p>See&nbsp;<a class="reference-link" href="#root/_help_0hzsNCP31IAB">Authentication</a>.</p>
<h2>Reverse Proxy Setup</h2>
<p>To configure a reverse proxy for Trilium, you can use either <strong>nginx</strong> or <strong>Apache</strong>.
You can also check out the documentation stored in the Reverse proxy folder.</p>

16
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/2. Reverse proxy/Nginx.html generated vendored
View File

@ -10,7 +10,14 @@ vim default.conf</code></pre>
</li>
<li>
<p>Fill the file with the context shown below, part of the setting show be
changed. Then you can enjoy your web with HTTPS forced and proxy.</p><pre><code class="language-text-x-trilium-auto"># This part is for proxy and HTTPS configure
changed. Then you can enjoy your web with HTTPS forced and proxy.</p><pre><code class="language-text-x-trilium-auto"># This part configures, where your Trilium server is running
upstream trilium {
zone trilium 64k;
server 127.0.0.1:8080; # change it to a different hostname and port if non-default is used
keepalive 2;
}
# This part is for proxy and HTTPS configure
server {
listen 443 ssl;
server_name trilium.example.net; #change trilium.example.net to your domain without HTTPS or HTTP.
@ -29,9 +36,8 @@ server {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://127.0.0.1:8080; # change it to a different port if non-default is used
proxy_pass http://trilium;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:8080 https://trilium.example.net; # change them based on your IP, port and domain
}
}
@ -52,16 +58,16 @@ server {
<li>add the <code>proxy_cookie_path</code> directive with the same path: this
allows you to stay logged in at multiple instances at the same time.</li>
</ul><pre><code class="language-text-x-trilium-auto"> location /trilium/instance-one {
rewrite /trilium/instance-one/(.*) /$1 break;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://127.0.0.1:8080; # change it to a different port if non-default is used
proxy_pass http://trilium;
proxy_cookie_path / /trilium/instance-one
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:8080 https://trilium.example.net; # change them based on your IP, port and domain
}
</code></pre>
</li>

12
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/Authentication.html generated vendored
View File

@ -4,7 +4,7 @@
by adding the following to <code>config.ini</code>:</p><pre><code class="language-text-x-trilium-auto">[General]
noAuthentication=true</code></pre>
<p>Disabling authentication will bypass even the&nbsp;<a class="reference-link"
href="#root/pOsGYCXsbNQG/Otzi9La2YAUX/WOcw2SLH6tbX/_help_7DAiwaf8Z7Rz">Multi-Factor Authentication</a>&nbsp;since
href="#root/_help_7DAiwaf8Z7Rz">Multi-Factor Authentication</a>&nbsp;since
v0.94.1.</p>
<h2>Understanding how the session works</h2>
<p>Once logged into Trilium, the application will store this information
@ -22,14 +22,14 @@ cookieMaxAge=86400</code></pre>
the <em>last interaction with the application</em>.</p>
<h2>Viewing active sessions</h2>
<p>The login sessions are now stored in the same&nbsp;<a class="reference-link"
href="#root/pOsGYCXsbNQG/tC7s2alapj8V/_help_wX4HbRucYSDD">Database</a>&nbsp;as
the user data. In order to view which sessions are active, open the&nbsp;
<a
class="reference-link" href="#root/pOsGYCXsbNQG/tC7s2alapj8V/wX4HbRucYSDD/oyIAJ9PvvwHX/_help_YKWqdJhzi2VY">SQL Console</a>&nbsp;and run the following query:</p><pre><code class="language-text-x-sqlite-schema-trilium">SELECT * FROM sessions</code></pre>
href="#root/_help_wX4HbRucYSDD">Database</a>&nbsp;as the user data. In
order to view which sessions are active, open the&nbsp;<a class="reference-link"
href="#root/_help_YKWqdJhzi2VY">SQL Console</a>&nbsp;and run the following
query:</p><pre><code class="language-text-x-trilium-auto">SELECT * FROM sessions</code></pre>
<p>Expired sessions are periodically cleaned by the server, generally an
hourly interval.</p>
<h2>See also</h2>
<ul>
<li><a class="reference-link" href="#root/pOsGYCXsbNQG/Otzi9La2YAUX/WOcw2SLH6tbX/_help_7DAiwaf8Z7Rz">Multi-Factor Authentication</a>
<li><a class="reference-link" href="#root/_help_7DAiwaf8Z7Rz">Multi-Factor Authentication</a>
</li>
</ul>

12
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Installation & Setup/Server Installation/Multi-Factor Authentication.html generated vendored
View File

@ -41,10 +41,6 @@ class="admonition warning">
the page).</li>
</ol>
<h3>OpenID</h3>
<aside class="admonition note">
<p>Currently only compatible with Google. Other services like Authentik and
Auth0 are planned on being added.</p>
</aside>
<p>In order to setup OpenID, you will need to setup a authentication provider.
This requires a bit of extra setup. Follow <a href="https://developers.google.com/identity/openid-connect/openid-connect">these instructions</a> to
setup an OpenID service through google.</p>
@ -62,3 +58,11 @@ class="admonition warning">
<li>Choose “OAuth/OpenID” under MFA Method</li>
<li>Refresh the page and login through OpenID provider</li>
</ol>
<aside class="admonition note">
<p>The default OAuth issuer is Google. To use other services such as Authentik
or Auth0, you can configure the settings via <code>oauthIssuerBaseUrl</code>, <code>oauthIssuerName</code>,
and <code>oauthIssuerIcon</code> in the <code>config.ini</code> file. Alternatively,
these values can be set using environment variables: <code>TRILIUM_OAUTH_ISSUER_BASE_URL</code>, <code>TRILIUM_OAUTH_ISSUER_NAME</code>,
and <code>TRILIUM_OAUTH_ISSUER_ICON</code>. <code>oauthIssuerName</code> and <code>oauthIssuerIcon</code> are
required for displaying correct issuer information at the Login page.</p>
</aside>

3
apps/server/src/assets/doc_notes/en/User Guide/User Guide/Theme development/Reference.html generated vendored
View File

@ -135,7 +135,8 @@ body.electron:not(.native-titlebar) {
<h2>Custom fonts</h2>
<p>Currently the only way to include a custom font is to use&nbsp;<a href="#root/_help_d3fAXQ2diepH">Custom resource providers</a>.
Basically import a font into Trilium and assign it <code>#customResourceProvider=fonts/myfont.ttf</code> and
then import the font in CSS via <code>/custom/fonts/myfont.ttf</code>.</p>
then import the font in CSS via <code>/custom/fonts/myfont.ttf</code>. Use <code>../../../custom/fonts/myfont.ttf</code> if
you run your Trilium server on a different path than <code>/</code>.</p>
<h2>Dark and light themes</h2>
<p>A light theme needs to have the following CSS:</p><pre><code class="language-text-css">:root {
--theme-style: light;

2
docs/Developer Guide/!!!meta.json vendored
View File

@ -1,6 +1,6 @@
{
"formatVersion": 2,
"appVersion": "0.94.0",
"appVersion": "0.94.1",
"files": [
{
"isClone": false,

2
docs/Release Notes/!!!meta.json vendored
View File

@ -1,6 +1,6 @@
{
"formatVersion": 2,
"appVersion": "0.94.0",
"appVersion": "0.94.1",
"files": [
{
"isClone": false,

2
docs/Release Notes/Release Notes/v0.94.1.md vendored
View File

@ -1,6 +1,6 @@
# v0.94.1
> [!NOTE]
> *TriliumNext Notes* will rebrand itself back to Trilium Notes since @zadam was kind enough to give us the original name. See [#2190](https://github.com/orgs/TriliumNext/discussions/2190) for more info. This will probably be the "last" version branded as *TriliumNext Notes*.
> _TriliumNext Notes_ will rebrand itself back to Trilium Notes since @zadam was kind enough to give us the original name. See [#2190](https://github.com/orgs/TriliumNext/discussions/2190) for more info. This will probably be the "last" version branded as _TriliumNext Notes_.
> [!IMPORTANT]
> If you enjoyed this release, consider showing a token of appreciation by:

51
docs/User Guide/!!!meta.json vendored
View File

@ -1,6 +1,6 @@
{
"formatVersion": 2,
"appVersion": "0.94.0",
"appVersion": "0.94.1",
"files": [
{
"isClone": false,
@ -189,23 +189,23 @@
{
"type": "relation",
"name": "internalLink",
"value": "fDLvzOx29Pfg",
"value": "0hzsNCP31IAB",
"isInheritable": false,
"position": 120
},
{
"type": "relation",
"name": "internalLink",
"value": "fDLvzOx29Pfg",
"isInheritable": false,
"position": 130
},
{
"type": "label",
"name": "shareAlias",
"value": "server-installation",
"isInheritable": false,
"position": 30
},
{
"type": "relation",
"name": "internalLink",
"value": "0hzsNCP31IAB",
"isInheritable": false,
"position": 130
"position": 10
}
],
"format": "markdown",
@ -269,14 +269,14 @@
"name": "shareAlias",
"value": "packaged-server-installation",
"isInheritable": false,
"position": 20
"position": 10
},
{
"type": "label",
"name": "iconClass",
"value": "bx bxl-tux",
"isInheritable": false,
"position": 30
"position": 20
}
],
"format": "markdown",
@ -674,32 +674,32 @@
"mime": "text/html",
"attributes": [
{
"type": "label",
"name": "iconClass",
"value": "bx bx-lock-alt",
"type": "relation",
"name": "internalLink",
"value": "wX4HbRucYSDD",
"isInheritable": false,
"position": 10
},
{
"type": "relation",
"name": "internalLink",
"value": "7DAiwaf8Z7Rz",
"value": "YKWqdJhzi2VY",
"isInheritable": false,
"position": 20
},
{
"type": "relation",
"name": "internalLink",
"value": "wX4HbRucYSDD",
"value": "7DAiwaf8Z7Rz",
"isInheritable": false,
"position": 30
},
{
"type": "relation",
"name": "internalLink",
"value": "YKWqdJhzi2VY",
"type": "label",
"name": "iconClass",
"value": "bx bx-lock-alt",
"isInheritable": false,
"position": 40
"position": 10
}
],
"format": "markdown",
@ -736,19 +736,12 @@
"isInheritable": false,
"position": 10
},
{
"type": "label",
"name": "shareHiddenFromTree",
"value": "",
"isInheritable": false,
"position": 20
},
{
"type": "label",
"name": "iconClass",
"value": "bx bx-stopwatch",
"isInheritable": false,
"position": 30
"position": 20
}
],
"format": "markdown",

2
docs/User Guide/User Guide/Installation & Setup/Server Installation/Authentication.md vendored
View File

@ -27,7 +27,7 @@ When “Remember me” is unchecked, the behavior is different. At client/browse
The login sessions are now stored in the same <a class="reference-link" href="../../Advanced%20Usage/Database.md">Database</a> as the user data. In order to view which sessions are active, open the <a class="reference-link" href="../../Advanced%20Usage/Database/Manually%20altering%20the%20database/SQL%20Console.md">SQL Console</a> and run the following query:
```trilium
```
SELECT * FROM sessions
```

6
docs/User Guide/User Guide/Installation & Setup/Server Installation/Multi-Factor Authentication.md vendored
View File

@ -34,9 +34,6 @@ MFA can only be set up on a server instance.
### OpenID
> [!NOTE]
> Currently only compatible with Google. Other services like Authentik and Auth0 are planned on being added.
In order to setup OpenID, you will need to setup a authentication provider. This requires a bit of extra setup. Follow [these instructions](https://developers.google.com/identity/openid-connect/openid-connect) to setup an OpenID service through google.
1. Set the `oauthBaseUrl`, `oauthClientId` and `oauthClientSecret` in the `config.ini` file (check <a class="reference-link" href="../../Advanced%20Usage/Configuration%20(config.ini%20or%20e.md">Configuration (config.ini or environment variables)</a> for more information).
@ -46,3 +43,6 @@ In order to setup OpenID, you will need to setup a authentication provider. This
4. Click the “Enable Multi-Factor Authentication” checkbox if not checked
5. Choose “OAuth/OpenID” under MFA Method
6. Refresh the page and login through OpenID provider
> [!NOTE]
> The default OAuth issuer is Google. To use other services such as Authentik or Auth0, you can configure the settings via `oauthIssuerBaseUrl`, `oauthIssuerName`, and `oauthIssuerIcon` in the `config.ini` file. Alternatively, these values can be set using environment variables: `TRILIUM_OAUTH_ISSUER_BASE_URL`, `TRILIUM_OAUTH_ISSUER_NAME`, and `TRILIUM_OAUTH_ISSUER_ICON`. `oauthIssuerName` and `oauthIssuerIcon` are required for displaying correct issuer information at the Login page.