This page is about Caddy 1 and will stay here forever.

User Guide


Login directive for Caddy, based on The login is checked against a backend and then returned as JWT token. This directive is designed to play together with the http.jwt middleware. The following providers (login backends) are supported: * Htpasswd * OSIAM * Simple (user/password pairs by configuration) * OAuth2 Login: Google, Facebook, Github, Bitbucket, Gitlab

Full documentation


Simple example
jwt { path / allow sub bob } login / { simple bob=secret,alice=secret }

The root context / is protected by the jwt middleware. The login is possible for the users alice and bob.

Users from htpasswd file
header /private Cache-Control "no-cache, no-store, must-revalidate" jwt { path /private redirect /login allow sub demo } login { success_url /private htpasswd file=passwords }

Protection of the path /private. The users are taken from the htpasswd file.

Github example with more customisation
jwt { path /my-account redirect /login } login { github client_id={$github_client_id},client_secret={$github_client_secret} success_url /my-account logout_url / template login_template.html jwt_expiry 24h cookie_expiry 2400h }

Github login, where the github api credentials are taken from environment variables. Template, redirect URLs and expiry times are configured.

Related Links

Access the full documentation for this plugin off-site:

Plugin Help

Get help from the maintainers of the http.login plugin:

Plugin Website

Visit http.login's website for more information:

Plugin Author: Sebastian Mancke
Last Updated: 19 Jan 2019, 7:03 PM
This plugin is independent of the Caddy project and is not endorsed or maintained by Caddy developers. Use at your own risk. Do not file issues for this plugin on Caddy's bug tracker.