auth_basic off for a single controller in cakephp served by nginx (location and rewrite)_问答_开发者

auth_basic off for a single controller in cakephp served by nginx (location and rewrite)

开发者 https://www.devze.com 2023-01-26 06:43 出处：网络

I want to have unrestricted access to one of my controller in CakePHP. Below is the config I\'m using, unfortunately, when trying myhost.com/my_controller/my_action it still requires credentials. Shou

I want to have unrestricted access to one of my controller in CakePHP. Below is the config I'm using, unfortunately, when trying myhost.com/my_controller/my_action it still requires credentials. Shouldn't /my_controller/my_action match location ^~ /my_controller/my_action instead of location ~ .php$?

From what I understand from here it should.

I tried to incorporate above trick with if ($request_uri ~* /phpmyadmin), but auth_basic is开发者_JAVA技巧 not allowed in IFs, I guess (Restarting nginx: [emerg]: "auth_basic" directive is not allowed here).

I also tried to match rewritten location, i.e. location /index.php?q=/my_controller/my_action { but without a success.

Exact operator "=" doesn't work as well, due to rewriting, I guess. The same with "~".

Ideally, the solution should be generic enough to use with other controllers, too.

server {
    root
    index

    rewrite ^(.+)$ /index.php?q=$1 last;

    location ^~ /my_controller/my_action {
        auth_basic off;
        fastcgi_pass
        fastcgi_index
        fastcgi_param
        include
    }

    location ~ \.php$ {
        auth_basic "Restricted";
        auth_basic_user_file

        fastcgi_pass
        fastcgi_index
        fastcgi_param
        include
    }
}

By putting auth_basicin the *.php location, you say that you restrict access to php generated files. If you access some php generated file inside your controller it would win.

Best solution for this case is to simply put the auth_basic outside the location.

EDIT 1: DONT WORK

server {
    root
    index

    auth_basic "Restricted";
    auth_basic_user_file

    rewrite ^(.+)$ /index.php?q=$1 last;

    location ^~ /my_controller/my_action {
        auth_basic off;
        fastcgi_pass
        fastcgi_index
        fastcgi_param
        include
    }

    location ~ \.php$ {
        fastcgi_pass
        fastcgi_index
        fastcgi_param
        include
    }
}

EDIT 1: complete rewrite

server {
    root
    index

    auth_basic_user_file

    rewrite ^(.+)$ /index.php?q=$1 last;

    location / {
        auth_basic "Restricted";
    }

    location ^~ /my_controller/my_action {
        auth_basic off;
        fastcgi_pass
        fastcgi_index
        fastcgi_param
        include
    }

    location ~ \.php$ {
        fastcgi_pass
        fastcgi_index
        fastcgi_param
        include
    }
}