<div dir="ltr"><div>Hello, <br></div><div><br></div><div>I had sent the original email to the nginx mailing list address a week ago. But I don't see it on the March 2024 archives page - <a href="https://mailman.nginx.org/pipermail/nginx/2024-March/thread.html#start">https://mailman.nginx.org/pipermail/nginx/2024-March/thread.html#start</a>. I am wondering if that's the case because I was not subscribed to the mailing list at the time of sending the email (I have subscribed just now) or if it's stuck in moderation. </div><div><br></div><div>Appreciate any help. <br></div><div><br></div><div>Thanks,</div><div>Vineet<br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, 4 Mar 2024 at 11:52, Vineet Naik <<a href="mailto:naikvin@gmail.com">naikvin@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Hello, <br></div><div><br></div><div>I am using the auth_request module to restrict access to static files at location `/`. I noticed that when authentication is successful, the `/auth` endpoint is receiving 2 requests for every request sent to nginx by the client application. Interestingly, this only happens when the user is logged in i.e. the `/auth` endpoint responds with 200 status code. Otherwise, the auth endpoint is called only once. I have verified this by logging every incoming request to `/auth` handler in the server application. <br></div><div><br></div><div>I can see that the internal subrequests made by nginx to the auth endpoint are not being logged. Is there a way to enable logging for auth subrequests? How do I investigate this further? <br></div><div><br></div><div>Nginx config for reference: <br></div><div><br></div><div>server {<br> listen 80;<br> server_name spapoc.local;<br><br> access_log /var/log/nginx/spapoc.access.log main;<br><br> location ~ ^/(login|logout) {<br> auth_request off;<br> proxy_pass <a href="http://127.0.0.1:5001" target="_blank">http://127.0.0.1:5001</a>;<br> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br> proxy_set_header X-Forwarded-Proto $scheme;<br> proxy_set_header X-Forwarded-Host $host;<br> proxy_set_header X-Forwarded-Prefix /;<br> }<br><br> location /xhr/ {<br> auth_request off;<br> proxy_pass <a href="http://127.0.0.1:5001/" target="_blank">http://127.0.0.1:5001/</a>;<br> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br> proxy_set_header X-Forwarded-Proto $scheme;<br> proxy_set_header X-Forwarded-Host $host;<br> proxy_set_header X-Forwarded-Prefix /;<br> }<br><br> location = /favicon.ico {<br> auth_request off;<br> root /home/vmadmin/spa;<br> }<br><br> location / {<br> auth_request /auth;<br> auth_request_set $auth_status $upstream_status;<br> error_page 401 = @error401;<br><br> root /home/vmadmin/spa;<br> try_files $uri $uri/ /index.html;<br> }<br><br> location = /auth {<br> internal;<br> auth_request off;<br> proxy_pass <a href="http://127.0.0.1:5001" target="_blank">http://127.0.0.1:5001</a>;<br> proxy_pass_request_body off;<br> proxy_set_header Content-Length "";<br> proxy_set_header X-Original-URI $request_uri;<br> }<br><br> location @error401 {<br> return 302 /login;<br> }<br><br> #error_page 404 /404.html;<br><br> # redirect server error pages to the static page /50x.html<br> #<br> error_page 500 502 503 504 /50x.html;<br> location = /50x.html {<br> root /usr/share/nginx/html;<br> }<br>}</div><br><div>-- <br></div><div><span class="gmail_signature_prefix">Thanks,</span></div><div><span class="gmail_signature_prefix">Vineet<br></span></div><div><div dir="ltr" class="gmail_signature"><div dir="ltr"><br></div></div></div></div>
</blockquote></div><br clear="all"><br><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature"><div dir="ltr">~ Vineet<br><br></div></div></div>