使用 auth_request 模块进行 Nginx 身份验证 [英] Nginx authentication with auth_request module
问题描述
我已经安装了启用了 auth_request 模块的 nginx,但是当我尝试设置身份验证时遇到了问题.我想通过 php 脚本进行身份验证,当用户向该位置发出请求时,nginx 请求到一个 php 文件,如果响应为 2xx,则身份验证为真,如果响应为 4xx,则身份验证失败.
i have installed nginx with auth_request module enabled, but i have a problem when i am trying to setup the authentication. I want to authenticate through a php script, when a user makes request to this location, then the nginx request to a php file and if the response will be 2xx then authentication true if the response will be 4xx then authentication failed.
这是我现在所做的,它正在完美地工作,但我不知道如何在 php 文件上传递参数,例如用户名密码:http://example.com/live/index.php?username=test&密码=密码
This is what i made for now and it is working perfect this thing but i dont know how to pass arguments on the php file like username password for example: http://example.com/live/index.php?username=test&password=password
这是在没有这些参数的情况下工作的配置.
Here is the configuration which is working without these arguments.
location /live {
auth_request /http_auth;
}
location /http_auth {
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
proxy_pass http://127.0.0.1/login.php;
}
谢谢
推荐答案
这里的技巧是结合 auth_basic
和 auth_request
,这里是一个例子:
The trick here is to combine auth_basic
and auth_request
, here is an example:
location = /api {
satisfy any;
auth_basic "Restricted Access";
auth_basic_user_file "/usr/local/nginx/htpasswd";
auth_request /auth;
try_files $uri $uri/ /api.html;
}
location = /auth {
proxy_pass http://localhost:8080;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
}
您会注意到存在 auth_basic_user_file 并且您可能不想要它但您可以保留一个空白文件,satisfy any
将接受任何成功,auth_basic
将失败,但也会在转发到后端脚本的 HTTP 标头中设置用户和密码,您可以在其中相应地处理它们.
You will notice that auth_basic_user_file is present and you probably don't want it but you can leave a blank file, the satisfy any
will accept any success, auth_basic
will fail but will also set the user and password in the HTTP Headers that are forwarded to your backend script where you can handle them accordingly.
这篇关于使用 auth_request 模块进行 Nginx 身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!