<div dir="ltr"><div><div><div><div>Hi<br><br></div>I'd appreciate it if someone could enlighten me as to why the following isn't working as expected. I'm trying to make the proxying to php dynamic - in other words, depending on the authenticated user, requests will be proxied to that user's PHP socket.<br>
<br></div><div>Both the login and auth locations are proxied to a Perl Dancer app.<br>
<br></div><div>Here's the auth app's /auth route:<br><br></div><div>get '/auth' => sub {<br> if (session('user') && session('time')) {<br> my $time_now = time;<br> if ($time_now - session('time') < config->{'session_timeout'}) {<br>
session 'time' => $time_now;<br> header 'X-Auth-User' => session('user');<br> status 'ok';<br> }<br> else {<br> header 'X-Error-Page' => '/login/session_expired';<br>
status 'forbidden';<br> }<br> }<br> else {<br> header 'X-Error-Page' => '/login/not_authorised';<br> status 'forbidden';<br> }<br>};<br><br></div>
nginx.conf snippet:<br><br>location /login {<br> expires -1;<br> proxy_set_header Host $host;<br> proxy_pass <a href="http://127.0.0.1:3000" target="_blank">http://127.0.0.1:3000</a>;<br> proxy_redirect http://$host https://$host;<br>
}<br><br>location /auth {<br> internal;<br> expires -1;<br> proxy_set_header Host $host;<br> proxy_pass <a href="http://127.0.0.1:3001" target="_blank">http://127.0.0.1:3001</a>;<br> proxy_pass_request_body off;<br>
proxy_redirect http://$host https://$host;<br>
proxy_set_header Content-Length "";<br>}<br><br></div>location /protected {<br> error_page 401 403 $error_page;<br> expires -1;<br></div> set $auth_user = 'none';<br><div> auth_request /auth;<br>
auth_request_set $error_page $upstream_http_x_error_page;<br> auth_request_set $auth_user $upstream_http_x_auth_user;<br><br></div><div> location ~* \.php {<br> fastcgi_pass unix:/srv/web/$auth_user/sock/php-5.3.22.sock;<br>
fastcgi_index index.php;<br> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;<br> fastcgi_param FILES_ROOT /srv/web/$auth_user/site;<br> include fastcgi_params;<br> }<br>
</div><div>}<br><br></div><div>The error_page works, when the Dancer app returns forbidden, but no matter what I've tried to use the X-Auth_User header on the /auth app returning 200, I can't seem to coax nginx into passing it onto anything, be it a rewrite, or the above listed \.php location stanza.<br>
<br></div><div>Any pointers would be appreciated.<br><br>Thanks<br>Dale<br></div></div>