Nginx 位置

tag-icon tag-icon nginx http-basic-authentication
Nginx 位置

我有一个相对简单的配置:

upstream appserver-1 {
    server unix:/var/www/example.com/app/tmp/gunicorn.sock fail_timeout=0;
}
server {
    listen  80;
    server_name  example.com;

    location / {
        proxy_pass http://appserver-1;
        proxy_redirect              off;
        proxy_set_header            Host $host;
        proxy_set_header            X-Real-IP $remote_addr;
        proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

        auth_basic                  "Restricted";
        auth_basic_user_file        /path/to/htpasswd;

    }

    location /api/ {
        auth_basic          off;
    }
}

目标是在整个网站上使用基本身份验证,但/api/子树除外。虽然它确实适用于基本身份验证,但其他指令(例如)也proxy_pass不起作用。/api/

是否可以仅禁用基本身份验证而保留其他指令而不复制和粘贴所有内容?

答案1

那么两个文件怎么样?

includes/proxy.conf 将是:

proxy_pass http://appserver-1;
proxy_redirect              off;
proxy_set_header            Host $host;
proxy_set_header            X-Real-IP $remote_addr;
proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;

你当前的配置文件如下:

upstream appserver-1 {
    server unix:/var/www/example.com/app/tmp/gunicorn.sock fail_timeout=0;
}
server {
    listen  80;
    server_name  example.com;

    location / {
        auth_basic                  "Restricted";
        auth_basic_user_file        /path/to/htpasswd;
        include includes/proxy.conf;
    }

    location /api/ {
        auth_basic          off;
        include includes/proxy.conf;
    }
}

答案2

配置文件

在 Nginx 1.4.4 中,您需要使用引号offauth_basic设置。

location / {
    auth_basic "Restricted";
    auth_basic_user_file /etc/nginx/passwd;
        include /etc/nginx/uwsgi_params;
        uwsgi_pass unix:/tmp/app.sock;
}

location /api {
    auth_basic "off";
        include /etc/nginx/uwsgi_params;
        uwsgi_pass unix:/tmp/app.sock;
}

创建 htpasswd/passwd 文件

安装apache2-utils,有一个很好的辅助应用程序可以为您快速创建 htpasswd 文件。http://httpd.apache.org/docs/2.2/programs/htpasswd.html

htpasswd -c -m <filename> <username>

答案3

下面的配置适用于我,用于从我的磁盘共享文件夹,无需对共享文件夹进行任何身份验证,而网站的其余部分则需要身份验证

server {
        listen       80;
        server_name  localhost;
        root C:\\Users\\Work\\XYZ\\;
        autoindex on;
        autoindex_exact_size off;
        autoindex_localtime on;
        auth_basic "Administrator Login";
        auth_basic_user_file C:\\Users\\Work\\.htpasswd;

        location /share {
            auth_basic "off";
            allow all; # Allow all to see content 
            alias C:\\Users\\sg32884\\Work\\share\\;
        }
}

答案4

Nginx 位置

这可以通过子位置来实现:

upstream appserver-1 {
    server unix:/var/www/example.com/app/tmp/gunicorn.sock fail_timeout=0;
}
server {
    listen  80;
    server_name  example.com;

    location / {
        location /api/ {
            auth_basic          off;
            include includes/proxy.conf;
        }
        auth_basic                  "Restricted";
        auth_basic_user_file        /path/to/htpasswd;
        include includes/proxy.conf;
    }
}

注意proxy.conf包含代理配置

相关内容