Hi,
I've implemented auth_request for a set of micro services I'm currently building and very much like this feature.
I am, however, having a bit of an issue with specifying what calls need the auth request based on the request method.
For example, I need to try and set up the following:
GET /object - NO auth needed
POST /object - auth needed
PATCH /object - auth needed
I've normalised the endpoints for the sake of this example and there are more endpoints but this should be enough to explain the scenario.
I currently have the following:
location /object {
auth_request /auth;
auth_request_set $auth $upstream_http_x_auth;
proxy_pass http://object; # an upstream
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Auth $auth;
proxy_set_header Host $http_host;
}
I tried using an IF statement but got errors because of auth_request not being allowed there.
How can I make it so that the GET request doesn't go through the auth request?
Thanks,
Gary
I've implemented auth_request for a set of micro services I'm currently building and very much like this feature.
I am, however, having a bit of an issue with specifying what calls need the auth request based on the request method.
For example, I need to try and set up the following:
GET /object - NO auth needed
POST /object - auth needed
PATCH /object - auth needed
I've normalised the endpoints for the sake of this example and there are more endpoints but this should be enough to explain the scenario.
I currently have the following:
location /object {
auth_request /auth;
auth_request_set $auth $upstream_http_x_auth;
proxy_pass http://object; # an upstream
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Auth $auth;
proxy_set_header Host $http_host;
}
I tried using an IF statement but got errors because of auth_request not being allowed there.
How can I make it so that the GET request doesn't go through the auth request?
Thanks,
Gary