diff options
Diffstat (limited to 'etc/nginx/sites-enabled/test.site')
-rw-r--r-- | etc/nginx/sites-enabled/test.site | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/etc/nginx/sites-enabled/test.site b/etc/nginx/sites-enabled/test.site index c5e1949..78c95b9 100644 --- a/etc/nginx/sites-enabled/test.site +++ b/etc/nginx/sites-enabled/test.site @@ -206,6 +206,23 @@ server { error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; + + # This is very ugly, but necessary since NGINX + # can't do multiple conditions or nexted ifs + + if ($request_filename !~ "^/public/?.*$") { + # restricted! + set $authresult "r"; + } + + if ($http_authorization = "ApiKey sandbox") { + # auth successful + set $authresult "${authresult}y"; + } + if ($authresult = "r") { + # restricted but not authorized + return 401 "Unauthorized"; + } if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_set_header X-Forwarded-Host "backend.test.taler.net"; |