Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Running portal on path rather than subdomain #151

Closed
darox opened this issue Aug 25, 2022 · 6 comments
Closed

Running portal on path rather than subdomain #151

darox opened this issue Aug 25, 2022 · 6 comments
Assignees
@greenpau
Labels
need triage question Further information is requested

Comments

@darox
Copy link

darox commented Aug 25, 2022

Hi

I wonder whether it is possible to run the portal on the same subdomain but using a path like /auth and protect a path /documents?

Thank you.
@darox darox added need triage question Further information is requested labels Aug 25, 2022
@greenpau
Copy link
Owner

@darox , yes. It is done with “route” directive. what is the config you are currently using?

@terefang
Copy link

terefang commented Nov 8, 2022
edited
Loading

i have the some problem, i have this working config:

{
	http_port 8080
    https_port 8443
	# debug

	order authenticate before respond
	order authorize before basicauth

	security {
		local identity store localdb {
			realm local
			path users.json
		}


		authentication portal myportal {
			crypto default token lifetime 3600
			crypto key sign-verify 12345678901234567890123456789012
			enable identity store localdb
			cookie domain 127.0.0.1
			ui {
                theme basic
				links {
					"My Website" / icon "las la-star"
				}

    		}
			transform user {
				match origin local
				action add role authp/user
				ui link "Portal Settings" /settings icon "las la-cog"
			}
		}

		authorization policy users_policy {
			set auth url /auth
			allow roles authp/admin authp/user
			crypto key verify 12345678901234567890123456789012
			acl rule {
				comment allow users
				match role authp/user
				allow stop log info
			}
			acl rule {
				comment default deny
				match any
				deny log warn
			}
		}

	}
}

http://127.0.0.1:8080 {
	route /auth* {
		authenticate with myportal
	}

	route {
		authorize with users_policy
		respond * "assetq - admins" 200

	}
}

once i change to this config i get 404 for the login portal

{
	http_port 8080
    https_port 8443
	# debug

	order authenticate before respond
	order authorize before basicauth

	security {
		local identity store localdb {
			realm local
			path users.json
		}


		authentication portal myportal {
			crypto default token lifetime 3600
			crypto key sign-verify 12345678901234567890123456789012
			enable identity store localdb
			cookie domain 127.0.0.1
			ui {
                theme basic
				links {
					"My Website" / icon "las la-star"
				}

    		}
			transform user {
				match origin local
				action add role authp/user
				ui link "Portal Settings" /settings icon "las la-cog"
			}
		}

		authorization policy users_policy {
			set auth url /secure-auth
			allow roles authp/admin authp/user
			crypto key verify 12345678901234567890123456789012
			acl rule {
				comment allow users
				match role authp/user
				allow stop log info
			}
			acl rule {
				comment default deny
				match any
				deny log warn
			}
		}

	}
}

http://127.0.0.1:8080 {
	route /secure-auth* {
		authenticate with myportal
	}

	route {
		authorize with users_policy
		respond * "assetq - admins" 200

	}
}

@greenpau
Copy link
Owner

greenpau commented Nov 8, 2022

@terefang , try this and report the outcome

	route /secure-auth* {
		authenticate /secure-auth* with myportal
	}

@terefang
Copy link

terefang commented Nov 9, 2022

@terefang , try this and report the outcome

	route /secure-auth* {
		authenticate /secure-auth* with myportal
	}

still

image

@j0dan
Copy link

j0dan commented Apr 11, 2023

This worked great for me. It should be a config example!

@greenpau
Copy link
Owner

@darox , @j0dan @terefang , I am looking to add testimonial sections to https://authcrunch.com. Could you please write one and send it to me at greenpau@outlook.com?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@greenpau greenpau

Labels
need triage question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@terefang @greenpau @darox @j0dan