重写为 https://localhost:8000 而不是 https://localhost

tag-icon tag-icon nginx authentication localhost
重写为 https://localhost:8000 而不是 https://localhost

我在 MacOS 中使用 nginx 在 localhost 中测试第三方身份验证,例如 Google 和 Twitter。因此,在我的本地网站上https://localhost:8000/...,我可以进行www.funfun.io第三方身份验证。

以下是 nginx 配置文件:

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    log_format my_log '{ "time": "$time_iso8601", '
        '"remote_addr": "$remote_addr", '
        '"status": "$status", '
        '"request": "$request", '
        '"request_method": "$request_method", '
        '"http_referrer": "$http_referer", '
        '"http_x_forwarded_for": "$http_x_forwarded_for", '
        '"host": "$host", '
        '"server_name": "$server_name", '
        '"upstream_address": "$upstream_addr", '
        '"upstream_status": "$upstream_status", }';

    access_log /usr/local/var/log/nginx/my_log_access.log my_log;

    upstream funfun {
        server 178.62.87.72:443;
    }

    server {
        listen 443 ssl;
        server_name localhost;
        ssl_certificate /etc/ssl/localhost/localhost.crt;
        ssl_certificate_key /etc/ssl/localhost/localhost.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 1d;
        ssl_stapling off;
        ssl_stapling_verify off;
        add_header Strict-Transport-Security max-age=15768000;
        add_header X-Frame-Options "";
        proxy_ssl_name "www.funfun.io";
        proxy_ssl_server_name on;

        location ~ /socialLoginSuccess {
            rewrite ^ '/#/socialLoginSuccess' redirect;
        }

        location ~ /auth/(.*) {
            proxy_pass  https://funfun/10studio/auth/$1?$query_string;
            proxy_set_header Host localhost;
        }
    }
    include servers/*;
}

这是登录日志。

{ "time": "2021-11-11T01:02:47+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /10studio/auth/google HTTP/1.1", "request_method": "GET", "http_referrer": "https://localhost:8000/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /auth/google/callback?code=4%2F0AX4XfWihw3erIiZok3Yk8jZ5hjcg4sT35YLuZAp5h3qIDZvC_BuHSlvbRiTSh4Sobo_Wbw&scope=email+profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+openid&authuser=0&prompt=consent HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /auth/signinSuccess HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "178.62.87.72:443", "upstream_status": "302" }
{ "time": "2021-11-11T01:02:50+01:00", "remote_addr": "127.0.0.1", "status": "302", "request": "GET /socialLoginSuccess HTTP/1.1", "request_method": "GET", "http_referrer": "https://accounts.google.com/", "http_x_forwarded_for": "-", "host": "localhost", "server_name": "localhost", "upstream_address": "-", "upstream_status": "-" }

签到流程如下:

  • 我从一个网页开始https://localhost:8000/#/start,上面有一个通过 Google 登录的按钮。
  • 我点击了那个按钮,它的网址是https://localhost/10studio/auth/google
  • 显示的网页上https://accounts.google.com/...,我们可以选择 Google 帐户
  • 登录成功后,https://localhost/#/socialLoginSuccess显示网页。

除最后一步外,所有步骤均正常;最后https://localhost/#/socialLoginSuccess显示 的网页Welcome to nginx!。正确的网址应该是https://localhost:8000/#/socialLoginSuccess

有谁知道我该如何修改 nginx 配置文件以便最终的 url 指向https://localhost:8000/#/socialLoginSuccess

编辑1:

以下是 funfun.io 的一些代码:

(* under app.js *)

var _10studio = require('./routes/10studio');
app.use('/10studio', _10studio);

(* under routes/10studio.js *)

router.get('/auth/google', passport.authenticate('10studio-google', {
    scope: ['https://www.googleapis.com/auth/userinfo.profile',
        'https://www.googleapis.com/auth/userinfo.email']
}));

router.get('/auth/google/callback', passport.authenticate('10studio-google', {
    successRedirect: '/auth/signinSuccess',
    failureRedirect: '/auth/signinFailure',
    failureFlash: true
}))

router.get('/auth/signinSuccess', function (req, res, next) {
    res.redirect("/socialLoginSuccess");
})

相关内容