[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-deployment] branch master updated: fix auth
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-deployment] branch master updated: fix auth |
Date: |
Tue, 30 Jan 2018 00:16:37 +0100 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository deployment.
The following commit(s) were added to refs/heads/master by this push:
new 2307a32 fix auth
2307a32 is described below
commit 2307a32df2f23371085d32483796986f58df04f8
Author: Florian Dold <address@hidden>
AuthorDate: Tue Jan 30 00:16:30 2018 +0100
fix auth
---
etc/nginx/sites-enabled/test.site | 30 +++++++++++++++++-------------
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/etc/nginx/sites-enabled/test.site
b/etc/nginx/sites-enabled/test.site
index 3066042..8420010 100644
--- a/etc/nginx/sites-enabled/test.site
+++ b/etc/nginx/sites-enabled/test.site
@@ -200,29 +200,33 @@ server {
proxy_set_header X-Forwarded-Proto "https";
}
- location / {
+ location /public {
# Redirection technique explainted at
# https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
error_page 418 = @blue;
error_page 419 = @green;
recursive_error_pages on;
- # This is very ugly, but necessary since NGINX
- # can't do multiple conditions or nexted ifs
+ if ($http_x_taler_deployment_color ~ "blue") { return 418; }
+ if ($http_x_taler_deployment_color ~ "green") { return 419; }
+ proxy_set_header X-Forwarded-Host "backend.test.taler.net";
+ proxy_set_header X-Forwarded-Proto "https";
+ proxy_pass http://unix:/home/test/sockets/merchant.http:/public;
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ }
- if ($request_filename !~ "^/public/?.*$") {
- # restricted!
- set $authresult "r";
- }
+ location / {
+ # Redirection technique explainted at
+ # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
+ error_page 418 = @blue;
+ error_page 419 = @green;
+ recursive_error_pages on;
- if ($http_authorization = "ApiKey sandbox") {
- # auth successful
- set $authresult "${authresult}y";
- }
- if ($authresult = "r") {
- # restricted but not authorized
+ if ($http_authorization != "ApiKey sandbox") {
return 401;
}
+
if ($http_x_taler_deployment_color ~ "blue") { return 418; }
if ($http_x_taler_deployment_color ~ "green") { return 419; }
proxy_set_header X-Forwarded-Host "backend.test.taler.net";
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [taler-deployment] branch master updated: fix auth,
gnunet <=