nginx-lua http auth

Example

1
2
3
4
5
6
7
8
9
10
location / {
access_by_lua_block {
if ngx.var.remote_user == "liusha" and ngx.var.remote_passwd == "liusha" then
return
end
ngx.header.www_authenticate = [[Basic realm="Restricted"]]
ngx.exit(401)
}
proxy_pass ...;
}

Test

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
#: 401
\_ LiuSha丶$ xcurl -i GET -IL https://liusha.me
HTTP/2.0 401
Server: ShaWS/1.5
Date: Tue, 13 Sep 2016 06:10:55 GMT
Content-Type: text/html
Content-Length: 192
Connection: keep-alive
www-authenticate: Basic realm="Restricted"

#: 200
\_ LiuSha丶$ xcurl -i GET -IL https://liusha.me --user liusha:liusha
HTTP/2.0 200
Server: ShaWS/1.5
Date: Tue, 13 Sep 2016 06:10:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 329
Connection: keep-alive
ETag: W/"149-QAEbNI9vzgss7K1qs8lXgw"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
X-Frame-Options: Deny
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: sniff