summaryrefslogtreecommitdiff
path: root/etc/nginx/sites-enabled/test.site
diff options
context:
space:
mode:
Diffstat (limited to 'etc/nginx/sites-enabled/test.site')
-rw-r--r--etc/nginx/sites-enabled/test.site17
1 files changed, 17 insertions, 0 deletions
diff --git a/etc/nginx/sites-enabled/test.site b/etc/nginx/sites-enabled/test.site
index c5e1949..78c95b9 100644
--- a/etc/nginx/sites-enabled/test.site
+++ b/etc/nginx/sites-enabled/test.site
@@ -206,6 +206,23 @@ server {
error_page 418 = @blue;
error_page 419 = @green;
recursive_error_pages on;
+
+ # This is very ugly, but necessary since NGINX
+ # can't do multiple conditions or nexted ifs
+
+ if ($request_filename !~ "^/public/?.*$") {
+ # restricted!
+ set $authresult "r";
+ }
+
+ if ($http_authorization = "ApiKey sandbox") {
+ # auth successful
+ set $authresult "${authresult}y";
+ }
+ if ($authresult = "r") {
+ # restricted but not authorized
+ return 401 "Unauthorized";
+ }
if ($http_x_taler_deployment_color ~ "blue") { return 418; }
if ($http_x_taler_deployment_color ~ "green") { return 419; }
proxy_set_header X-Forwarded-Host "backend.test.taler.net";
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-29 14:19:22 +0000