1

Nginx reverse proxy configuration

upstream frontend {
    server frontend:4200;
}

upstream backend {
    server backend:4000;
}

server {
    listen 80;
    location / {
        auth_basic "Restricted";
        auth_basic_user_file  /etc/nginx/.htpasswd;

        proxy_pass http://frontend;
    }

    location /api {
        rewrite /api/(.*) /$1 break;
        proxy_pass http://backend;
    }
}

I have a nginx which works as a reverse proxy for my app. I use Bearer token for user authentication between frontend and backend. When I set auth_basic in nginx - it's conflicts with my Bearer app auth as nginx could not have 2 Authentication headers. Are there any solutions on how to restrict access to my env and in the meantime continue to use Bearer token in APP? PS: backend is written in NodeJS (NestJS)

Improve this question
3
  • This question is similar to: Conflicting Basic & Bearer Authorization between nginx and my webapp. If you believe it’s different, please edit the question, make it clear how it’s different and/or how the answers on that question are not helpful for your problem. Commented Nov 14, 2024 at 3:54
  • @IvanShatsky it's different because in question you mentioned used php server, and I can't understand how can I apply it to my example. Thanks Commented Nov 14, 2024 at 9:36
  • You can implement a similar solution by creating an API endpoint like /api/validate_token and using it within the internal authentication location defined by the auth_request directive via proxy_pass .... However, when you programmatically add an Authorization: Bearer ... header to your API call, the browser won’t include an Authorization: Basic ... header, ensuring that nginx receives only one Authorization: ... header. And if all your API endpoints are protected with Bearer authentication while your frontend is secured with Basic authentication, why bother going further? Commented Nov 16, 2024 at 17:36
Related questions
0
Running nginx as reverse Proxy behind a corporate Proxy
0
How to send basic auth for nginx and bearer token for API auth
0
Nginx reverse proxy, failed to access server using server name
Load 4 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.