From 3b89dc69da0f88cf8e2290523fa50656ac2ebb5d Mon Sep 17 00:00:00 2001
From: Yves Fischer <yvesf-git@xapek.org>
Date: Mon, 26 Nov 2018 01:35:11 +0100
Subject: Proof of concept with totp

---
 test/etc/nginx.conf | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 test/etc/nginx.conf

(limited to 'test/etc/nginx.conf')

diff --git a/test/etc/nginx.conf b/test/etc/nginx.conf
new file mode 100644
index 0000000..3477353
--- /dev/null
+++ b/test/etc/nginx.conf
@@ -0,0 +1,35 @@
+# nginx -p . -c nginx.conf
+
+pid /tmp/nginx.example.pid;
+
+daemon off;
+
+events {
+  worker_connections 5;
+}
+
+http {
+  access_log /dev/stdout;
+  error_log /dev/stderr;
+
+  server {
+    server_name localhost;
+
+    location /auth {
+        rewrite    /auth/(.+) /$1 break;
+        proxy_pass http://127.0.0.1:8080; # This is the TOTP Server
+        proxy_set_header X-Totp-Secret baadf00d;
+        proxy_set_header X-Totp-Secret deadc0de;
+    }
+
+    # This ensures that if the TOTP server returns 401 we redirect to login
+    error_page 401 = @error401;
+    location @error401 {
+      return 302 /auth/login$request_uri;
+    }
+
+    location / {
+      auth_request /auth/check;
+    }
+  }
+}
\ No newline at end of file
-- 
cgit v1.2.1