nginx.auth.conf: include auth-params

add /refresh-token location
2024-06-06 22:00:38 +03:00 · 2024-06-06 22:00:38 +03:00 · f95cea4540
commit f95cea4540
parent 87bcead3c7
2 changed files with 8 additions and 4 deletions
--- a/config/include/auth-params.conf
+++ b/config/include/auth-params.conf
@ -0,0 +1,2 @@
+ proxy_set_header auth-mode $AUTH_MODE;
+ proxy_set_header refresh-token $REFRESH_TOKEN;
--- a/config/nginx.auth.conf
+++ b/config/nginx.auth.conf
@ -22,8 +22,9 @@ server {
    listen                       80;
    include                      /etc/nginx/mime.types;
    include                      /etc/nginx/include/csp.conf;
+    include                      /etc/nginx/include/auth-params.conf;

-    error_page                   401 /login;
+    error_page                   401 /login/$AUTH_MODE;


    location = /auth {
@ -33,10 +34,10 @@ server {

        proxy_pass_request_body  off;
        proxy_set_header         Content-Length "";
-        proxy_set_header         refresh-token $REFRESH_TOKEN;
-        proxy_set_header         auth-mode $AUTH_MODE;
        proxy_set_header         X-Original-URI $request_uri;
        proxy_intercept_errors   on;
+
+        include                  /etc/nginx/include/auth-params.conf;
    }

    location /login {
@ -45,8 +46,9 @@ server {
        include                  /etc/nginx/include/security-headers.conf;
    }

-    location ~ ^/(logout|get-user|login-telegram|login-confirm)$ {
+    location ~ ^/(logout|get-user|login-telegram|login-confirm|refresh-token)$ {
        proxy_pass               http://auth_api/$AUTH_MODE/$1;
+        include                  /etc/nginx/include/auth-params.conf;
    }

    location / {