diff options
author | Yves Fischer <yvesf-git@xapek.org> | 2018-11-26 01:35:11 +0100 |
---|---|---|
committer | Yves Fischer <yvesf-git@xapek.org> | 2018-11-26 01:35:11 +0100 |
commit | 3b89dc69da0f88cf8e2290523fa50656ac2ebb5d (patch) | |
tree | 105313b862ca7d8a123a37c279508081744a90d9 /test/etc | |
download | nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.tar.gz nginx-auth-totp-3b89dc69da0f88cf8e2290523fa50656ac2ebb5d.zip |
Proof of concept with totp
Diffstat (limited to 'test/etc')
-rw-r--r-- | test/etc/nginx.conf | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/test/etc/nginx.conf b/test/etc/nginx.conf new file mode 100644 index 0000000..3477353 --- /dev/null +++ b/test/etc/nginx.conf @@ -0,0 +1,35 @@ +# nginx -p . -c nginx.conf + +pid /tmp/nginx.example.pid; + +daemon off; + +events { + worker_connections 5; +} + +http { + access_log /dev/stdout; + error_log /dev/stderr; + + server { + server_name localhost; + + location /auth { + rewrite /auth/(.+) /$1 break; + proxy_pass http://127.0.0.1:8080; # This is the TOTP Server + proxy_set_header X-Totp-Secret baadf00d; + proxy_set_header X-Totp-Secret deadc0de; + } + + # This ensures that if the TOTP server returns 401 we redirect to login + error_page 401 = @error401; + location @error401 { + return 302 /auth/login$request_uri; + } + + location / { + auth_request /auth/check; + } + } +}
\ No newline at end of file |