Enable to skip authentication when deployed behind a reverse proxy

[tesence]

Describe the solution you'd like

Hello

It would be nice to delegate the authentication workflow to a reverse proxy up front (basic_auth).

Memos is currently not easily deployable behind such reverse proxy as it stores the bearer token in the "Authorization" header, that the basic auth also uses, leading to memos not working at all.

-> User authenticates through basic auth, the reverse proxy set the "Authorization" header as follow "Basic XXXX"
-> Memos is not able to parse the header as it expects it to be either "Bearer XXXX" or ""

The only workaround I found is to delete the Authorization header from the request before redirecting to Memos, losing the basic authentication.

An option would be to enable the user to set a custom header with the id of the logged user through basic auth.

Type of feature

Integrations

Additional context

No response