Files · c9ea3b0b0abc0c4725bdeed408a4d8cb5f748997 · ula / NGINX Authenticator · GitLab

Snippets Groups Projects

ale authored 3 months ago

c9ea3b0b

c9ea3b0b 3 months ago

Name	Last commit	Last update
debian
vendor
.gitlab-ci.yml
README.md
auth.go
go.mod
go.sum
socket.go

Small server for the ngx_http_auth_request NGINX module: authenticates users based on a static password file.

The tool supports both Basic authentication (username and password) and "bearer token" authentication where a single secret API key is used.

The password file must be JSON-encoded as a list of users, each with the following attributes:

name - username
password - encrypted password
api_tokens (optional) - list of API secret tokens for bearer authentication

The Debian package installs a NGINX configuration snippet that should be included in your virtual host configuration. The hard-coded location for the http_auth_request module is /__auth. An example configuration that protects an API at localhost:1234 would look something like the following:

server {
  listen 443 ssl;
  server_name my.server;
  ssl_certificate ...;
  ssl_certificate_key ...;

  include /etc/nginx/snippets/ula_auth.snippet;

  location / {
    auth_request /__auth;
    include /etc/nginx/proxy_params;
    proxy_pass http://localhost:1234;
  }
}