auth_request /auth; 获取验证信息
server {
listen 8080;
resolver 1.1.1.1;
location @error401 { return 401 "Unauthorized"; }
location = /auth {
internal;
proxy_pass http://backend-server/authenticate;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
auth_request /auth;
error_page 401 = @error401;
proxy_bind $server_addr;
proxy_pass $scheme://$http_host$request_uri;
proxy_set_header HOST $http_host;
proxy_buffers 256 4k;
proxy_max_temp_file_size 0k;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_next_upstream error timeout invalid_header http_502;
}
deny 127.0.0.1;
}