删除一个 uri 的基本身份验证
Removing Basic Auth for one uri
我开发了一个 Laravel 应用程序,通过 Laravel Forge 部署了一个暂存版本,并为所有工作正常的位置设置了基本身份验证。我需要从一个位置删除 Basic Auth 但很难做到这一点。根据 Forge 的文档:
Nginx allows you to add further access restrictions such as allowing and
denying access to users by IP address. Forge does not provide the ability
to configure this, but you are free to customize your own protected site
configuration. Forge creates a
/etc/nginx/forge-config/.../server/protected_site-{ruleId}.conf
configuration file for protected sites.
因此 Forge 将在所述文件中创建:
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
我希望通过执行以下操作来修改以从一个路径中删除 Basic Auth:
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
location /my-unrestricted-uri {
auth_basic off;
}
将 nginx 配置文件放在一起会产生以下结果(我已将其截断但希望包含所有相关部分):
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
...
location / {
try_files $uri $uri/ /index.php?$query_string;
}
...
}
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
location /my-unrestricted-uri {
auth_basic off;
}
使用上面的配置,我仍然收到“401 - 需要授权”。我怎样才能打开这个 uri?
编辑:经过一些修补,我想我已经更进一步了。
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
...
location / {
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
try_files $uri $uri/ /index.php?$query_string;
location = /my-unrestrcited-uri {
auth_basic off;
try_files $uri $uri/ /index.php?$query_string;
}
}
...
}
#auth_basic "Restricted Area";
#auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
#location /my-unrestricted-uri {
# auth_basic off;
#}
所以我已将基本身份验证请求移至位置块,并使用子位置关闭基本身份验证。该路由现在不受保护,这正是我想要的,但是在访问网站的任何其他部分时,我不断被要求提供身份验证凭据,因此这里发生了某种重定向循环。
我不知道该循环的原因是什么,但您可以尝试使用我刚刚在 answer using the $uri 变量值中描述的技术:
map $uri $realm {
/my-unrestricted-uri off;
default "Restricted Area";
}
auth_basic $realm;
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
请注意,此配置片段应放置在 server 块之外(换句话说,在 http 上下文中)。
我开发了一个 Laravel 应用程序,通过 Laravel Forge 部署了一个暂存版本,并为所有工作正常的位置设置了基本身份验证。我需要从一个位置删除 Basic Auth 但很难做到这一点。根据 Forge 的文档:
Nginx allows you to add further access restrictions such as allowing and
denying access to users by IP address. Forge does not provide the ability
to configure this, but you are free to customize your own protected site
configuration. Forge creates a
/etc/nginx/forge-config/.../server/protected_site-{ruleId}.conf
configuration file for protected sites.
因此 Forge 将在所述文件中创建:
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
我希望通过执行以下操作来修改以从一个路径中删除 Basic Auth:
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
location /my-unrestricted-uri {
auth_basic off;
}
将 nginx 配置文件放在一起会产生以下结果(我已将其截断但希望包含所有相关部分):
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
...
location / {
try_files $uri $uri/ /index.php?$query_string;
}
...
}
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
location /my-unrestricted-uri {
auth_basic off;
}
使用上面的配置,我仍然收到“401 - 需要授权”。我怎样才能打开这个 uri?
编辑:经过一些修补,我想我已经更进一步了。
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
...
location / {
auth_basic "Restricted Area";
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
try_files $uri $uri/ /index.php?$query_string;
location = /my-unrestrcited-uri {
auth_basic off;
try_files $uri $uri/ /index.php?$query_string;
}
}
...
}
#auth_basic "Restricted Area";
#auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
#location /my-unrestricted-uri {
# auth_basic off;
#}
所以我已将基本身份验证请求移至位置块,并使用子位置关闭基本身份验证。该路由现在不受保护,这正是我想要的,但是在访问网站的任何其他部分时,我不断被要求提供身份验证凭据,因此这里发生了某种重定向循环。
我不知道该循环的原因是什么,但您可以尝试使用我刚刚在 $uri 变量值中描述的技术:
map $uri $realm {
/my-unrestricted-uri off;
default "Restricted Area";
}
auth_basic $realm;
auth_basic_user_file /etc/nginx/forge-conf/staging.mysite.com/server/.htpasswd-21495;
请注意,此配置片段应放置在 server 块之外(换句话说,在 http 上下文中)。