summaryrefslogtreecommitdiff
path: root/etc/nginx
diff options
context:
space:
mode:
authorFlorian Dold <florian.dold@gmail.com>2018-02-05 13:34:00 +0100
committerFlorian Dold <florian.dold@gmail.com>2018-02-05 13:34:21 +0100
commit95870c95930ed0decd6d12dfae849a310e24f5cd (patch)
tree28c7c8be8377954189e20a2827ed5c48e0ab8893 /etc/nginx
parent163856f9fde70daafe17378d9695fa9279e0daf2 (diff)
downloaddeployment-95870c95930ed0decd6d12dfae849a310e24f5cd.tar.gz
deployment-95870c95930ed0decd6d12dfae849a310e24f5cd.tar.bz2
deployment-95870c95930ed0decd6d12dfae849a310e24f5cd.zip
apikey auth for demo
Diffstat (limited to 'etc/nginx')
-rw-r--r--etc/nginx/sites-enabled/demo.site17
1 files changed, 16 insertions, 1 deletions
diff --git a/etc/nginx/sites-enabled/demo.site b/etc/nginx/sites-enabled/demo.site
index 70e0a2d..7017a24 100644
--- a/etc/nginx/sites-enabled/demo.site
+++ b/etc/nginx/sites-enabled/demo.site
@@ -81,10 +81,25 @@ server {
server_name backend.demo.taler.net;
include conf.d/talerssl;
- location / {
+ location /public {
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Host "backend.test.taler.net";
+ proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
+ }
+
+ location / {
+ # match the ApiKey part ignoring case, and the actual key
+ # with case-sensitivity on.
+ if ($http_authorization !~ "(?i)ApiKey (?-i)sandbox") {
+ return 401;
+ }
proxy_redirect off;
proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Host "backend.test.taler.net";
+ proxy_set_header X-Forwarded-Proto "https";
+ proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
}
}