How nginx's "location if" works (Was Re: Setting cache parameter via if directives)

agentzh agentzh at
Sat Feb 19 09:06:42 MSK 2011

On Fri, Feb 18, 2011 at 8:29 PM, Alexander Kunz <akunz at> wrote:
> Time to think a bit different :) The "old" way still stuck in my head. I see
> there is a function access_by_lua but i still like session. Could this the
> way to handle access to all files in app?

Sure :)

> Decrypt session and encrypt
> session for refreshing the session livetime?

Yeah :)

> Or shoud i use access_by_lua in
> each location?

Well, this is a valid option too: you can combine
ngx_encrypted_session and access_by_lua by calling
ngx_ecrypted_session's config directives directly from within Lua,
like this:

   access_by_lua '
       local encrypted_text = ndk.set_var.set_decode_base32(ngx.var.arg_session)
       if not encrypted_text or encypted_text == "" then
           return ngx.redirect("/relogin.htm?url=" ..

       local raw_text = ndk.set_var.set_decrypt_session(encrypted_text)
       if not raw_text or raw_text == "" then
           return ngx.redirect("/relogin.htm?url=" ..

       -- validate raw_text is indeed valid...

       -- then refresh the sessions:
       local encrypted_text = ndk.set_var.set_encrypt_session(raw_text)
       local value = ndk.set_var.set_encode_base32(encrypted_text)
       ngx.header["Set-Cookie"] = { "SID=" .. value .. "; path=/" }

A very useful feature in ngx_lua is the "" magic that
allows you to call some other nginx C modules' config directives
on-the-fly! There's a restriction though: the 3rd-party directives
must be implemented using NDK (Nginx Devel Kit)'s set_var submodule's
ndk_set_var_value mechanism ;)

> Have a nice day, agentzh.

You too! ;)


More information about the nginx mailing list