clones/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2024-09-21 03:37:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allows auth information from AccessList not to be passed to proxied hosts. Resolves issue #153.

Browse Source 
Signed-off-by: James Morgan <jmorgan.au+github@gmail.com>
This commit is contained in:
James Morgan 2020-10-14 20:17:25 +11:00
parent 165bfc9f5f
commit 0df0545777
8 changed files with 71 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
backend/internal/access-list.js
View File

@ -31,6 +31,7 @@ const internalAccessList = {
.insertAndFetch({
name: data.name,
satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
owner_user_id: access.token.getUserId(1)
});
})
@ -128,6 +129,7 @@ const internalAccessList = {
.patch({
name: data.name,
satisfy_any: data.satisfy_any,
pass_auth: data.pass_auth,
});
}
})

41
backend/migrations/20201014143841_pass_auth.js Normal file
View File

@ -0,0 +1,41 @@
const migrate_name = 'pass_auth';
const logger = require('../logger').migrate;
/**
* Migrate
*
* @see http://knexjs.org/#Schema
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.up = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Up...');
return knex.schema.table('access_list', function (access_list) {
access_list.integer('pass_auth').notNull().defaultTo(1);
})
.then(() => {
logger.info('[' + migrate_name + '] access_list Table altered');
});
};
/**
* Undo Migrate
*
* @param {Object} knex
* @param {Promise} Promise
* @returns {Promise}
*/
exports.down = function (knex/*, Promise*/) {
logger.info('[' + migrate_name + '] Migrating Down...');
return knex.schema.table('access_list', function (access_list) {
access_list.dropColumn('pass_auth');
})
.then(() => {
logger.info('[' + migrate_name + '] access_list pass_auth Column dropped');
});
};

4
backend/models/access_list.js
View File

@ -93,6 +93,10 @@ class AccessList extends Model {
get satisfy() {
return this.satisfy_any ? 'satisfy any' : 'satisfy all';
}
get passauth() {
return this.pass_auth ? '' : 'proxy_set_header Authorization "";';
}
}
module.exports = AccessList;

9
backend/schema/endpoints/access-lists.json
View File

@ -42,6 +42,9 @@
"satisfy_any": {
"type": "boolean"
},
"pass_auth": {
"type": "boolean"
},
"meta": {
"type": "object"
}
@ -102,6 +105,9 @@
"satisfy_any": {
"$ref": "#/definitions/satisfy_any"
},
"pass_auth": {
"$ref": "#/definitions/pass_auth"
},
"items": {
"type": "array",
"minItems": 0,
@ -167,6 +173,9 @@
"satisfy_any": {
"$ref": "#/definitions/satisfy_any"
},
"pass_auth": {
"$ref": "#/definitions/pass_auth"
},
"items": {
"type": "array",
"minItems": 0,

2
backend/templates/proxy_host.conf
View File

@ -27,6 +27,8 @@ server {
# Authorization
auth_basic "Authorization required";
auth_basic_user_file /data/access/{{ access_list_id }};
{{ access_list.passauth }}
{% endif %}
# Access Rules

10
frontend/js/app/nginx/access/form.ejs
View File

@ -31,6 +31,16 @@
</label>
</div>
</div>
<div class="col-sm-6 col-md-6">
<div class="form-group">
<label class="custom-switch">
<input type="checkbox" class="custom-switch-input" name="pass_auth" value="1"<%- typeof pass_auth !== 'undefined' && pass_auth ? ' checked' : '' %>>
<span class="custom-switch-indicator"></span>
<span class="custom-switch-description"><%- i18n('access-lists', 'pass-auth') %></span>
</label>
</div>
</div>
</div>
</div>

1
frontend/js/app/nginx/access/form.js
View File

@ -73,6 +73,7 @@ module.exports = Mn.View.extend({
let data = {
name: form_data.name,
satisfy_any: !!form_data.satisfy_any,
pass_auth: !!form_data.pass_auth,
items: items_data,
clients: clients_data
};

3
frontend/js/i18n/messages.json
View File

@ -206,7 +206,8 @@
"authorization": "Authorization",
"access": "Access",
"satisfy": "Satisfy",
"satisfy-any": "Satisfy Any"
"satisfy-any": "Satisfy Any",
"pass-auth": "Pass Auth to Host"
},
"users": {
"title": "Users",