How to return a cookie to a client when auth_request is used?

Maxim Dounin mdounin at mdounin.ru
Thu Jan 15 13:16:11 UTC 2015 

Hello!

On Thu, Jan 15, 2015 at 03:11:23AM -0500, nginxuser100 wrote:

> Hi, 
> 
> Question 1:
> 
> I would like to have an FastCGI authentication app assign a cookie to a
> client, and the Fast Auth app is called using auth_request. The steps are as
> follows:
> 
> 1. Client sends a request
> 2. NGINX auth_request forwards the request to a FastCGI app to
> authenticate.
> 3. The authentication FastCGI app creates a cookie, using "Set-Cookie:
> name=value". I would like this value to be returned to the client.
> 4. Assuming the authentication was successful, NGINX then forwards the
> request to an upstream FastCGI app which sends a response to the client. The
> HTTP header should contain Set-Cookie: name=value
> 
> How do I get NGINX to include the cookie in the header that gets forwarded
> to the upstream module so the final response to the client contains the
> cookie? I tried using auth_request_set but got 

You have to save the header value returned by the subrequest to a 
variable with auth_request_set, and then add the header to a 
response generated using the "add_header" directive.  Something 
like this should work:

    location / {
        auth_request /auth;
        auth_request_set $saved_set_cookie $upstream_http_set_cookie;
        add_header Set-Cookie $saved_set_cookie;
        ...
    }

[...]

> Question 2.    I also tried 
>        auth_request_set $http_cookie "test";  
>        to see how auth_request_set works. NGINX gave me this error at start
> time
> 
> nginx: [emerg] the duplicate "http_cookie" variable in
> /usr/local/nginx-1.7.9/conf/nginxWat.conf:25
> 
> Why did get such error?

The $http_* variables are headers of a request, and you can't 
redefine them.  Hence the error.

> Question 3. Can someone give me a pointer to a list of NGINX FastCGI
> supported env variables such as $http_cookie / HTTP_COOKIE?

All HTTP request headers are passed to FastCGI application as 
HTTP_* params, and will be available to an application as 
coresponding environment variables.  Additional params are passed 
as configured in your fastcgi_params file.

-- 
Maxim Dounin
http://nginx.org/

More information about the nginx mailing list