I want my API controller to use SSL, so I added another directive to listen on my nginx.conf
upstream unicorn { server unix:/tmp/unicorn.foo.sock fail_timeout=0; } server { listen 80 default deferred; listen 443 ssl default; ssl_certificate /etc/ssl/certs/foo.crt; ssl_certificate_key /etc/ssl/private/foo.key; server_name foo; root /var/apps/foo/current/public; try_files $uri/system/maintenance.html $uri/index.html $uri @unicorn; location @unicorn { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://unicorn; } error_page 502 503 /maintenance.html; error_page 500 504 /500.html; keepalive_timeout 5; }
which without any problems passes nginx conftest. I also added a force_ssl directive to my ApiController
class ApiController < ApplicationController force_ssl if Rails.env.production? def auth user = User.authenticate(params[:username], params[:password]) respond_to do |format| format.json do if user user.generate_api_key! unless user.api_key.present? render json: { key: user.api_key } else render json: { error: 401 }, status: 401 end end end end def check user = User.find_by_api_key(params[:api_key]) respond_to do |format| format.json do if user render json: { status: 'ok' } else render json: { status: 'failure' }, status: 401 end end end end end
which worked fine when I did not use SSL, but now when I try to execute curl --LI http://foo/api/auth.json , I am redirecting to https correctly, but then I continue to redirect to http://foo/api/auth , ending with an infinite redirect loop.
My routes just have
get "api/auth" get "api/check"
I am using Rails 3.2.1 on Ruby 1.9.2 with nginx 0.7.65
redirect ruby-on-rails ssl ruby-on-rails-3 nginx
Jakub Arnold Feb 25 '12 at 21:18 2012-02-25 21:18
source share