Nginx Authentication Using the auth_request Module

Question

Nginx Authentication Using the auth_request Module

I installed nginx with the auth_request module enabled, but I have a problem when I try to configure authentication. I want to authenticate through a php script, when the user makes a request to this place, then the nginx request to the php file, and if the answer is 2xx, then the authentication is true, if the answer is 4xx, then the authentication failed.

This is what I did now and it works great on this thing, but I don’t know how to pass arguments to the php file, for example, user password: http://example.com/live/index.php?username=test&password = password

Here is a configuration that works without these arguments.

location /live { auth_request /http_auth; } location /http_auth { proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Original-URI $request_uri; proxy_pass http://127.0.0.1/login.php; }

thanks

+6

authentication php nginx

user3393046 Apr 25 '14 at 17:40

source share

1 answer

Pedrosena · Answer 1 · 2014-09-18T14:31:32+0000

The trick here is to combine auth_basic and auth_request , here is an example:

 location = /api { satisfy any; auth_basic "Restricted Access"; auth_basic_user_file "/usr/local/nginx/htpasswd"; auth_request /auth; try_files $uri $uri/ /api.html; } location = /auth { proxy_pass http://localhost:8080; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Original-URI $request_uri; }

You will notice that the auth_basic_user_file file is present, and you probably do not want it, but you can leave the file empty, satisfy any will accept any successful results, auth_basic will fail, but it will also set the user and password in the HTTP headers that are redirected to your backend script where you can handle them accordingly.

Nginx Authentication Using the auth_request Module

More articles: