diff options
author | Florian Dold <florian.dold@gmail.com> | 2018-02-05 13:34:00 +0100 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2018-02-05 13:34:21 +0100 |
commit | 95870c95930ed0decd6d12dfae849a310e24f5cd (patch) | |
tree | 28c7c8be8377954189e20a2827ed5c48e0ab8893 /etc/nginx/sites-enabled | |
parent | 163856f9fde70daafe17378d9695fa9279e0daf2 (diff) | |
download | deployment-95870c95930ed0decd6d12dfae849a310e24f5cd.tar.gz deployment-95870c95930ed0decd6d12dfae849a310e24f5cd.tar.bz2 deployment-95870c95930ed0decd6d12dfae849a310e24f5cd.zip |
apikey auth for demo
Diffstat (limited to 'etc/nginx/sites-enabled')
-rw-r--r-- | etc/nginx/sites-enabled/demo.site | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/etc/nginx/sites-enabled/demo.site b/etc/nginx/sites-enabled/demo.site index 70e0a2d..7017a24 100644 --- a/etc/nginx/sites-enabled/demo.site +++ b/etc/nginx/sites-enabled/demo.site @@ -81,10 +81,25 @@ server { server_name backend.demo.taler.net; include conf.d/talerssl; - location / { + location /public { + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host "backend.test.taler.net"; + proxy_set_header X-Forwarded-Proto "https"; proxy_pass http://unix:/home/demo/sockets/merchant.http:/; + } + + location / { + # match the ApiKey part ignoring case, and the actual key + # with case-sensitivity on. + if ($http_authorization !~ "(?i)ApiKey (?-i)sandbox") { + return 401; + } proxy_redirect off; proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host "backend.test.taler.net"; + proxy_set_header X-Forwarded-Proto "https"; + proxy_pass http://unix:/home/demo/sockets/merchant.http:/; } } |