php - Laravel + Nginx + Basic Auth: how to leave some routes unprotected?

View Original

one text

Solution:

I resolved using this:

server {
   ....
   auth_basic_user_file /etc/nginx/auth/.htpasswd;

  location / {
    auth_basic   "My DEMO";
    try_files    $uri $uri/ /index.php?$query_string;
  }

  location ~ \.php$ {
    ... ...
  }

  location /api/ {
    auth_basic   off;
    try_files    $uri /index.php?$query_string;
  }

}

If first matches /api/, no auth set up, and then causes the restart of parsing that will ending using location ~ \.php$.

So page is served, but without asking http basic auth

For every other routes, it apply auth_basic and then causes the restart of parsing that will ending using location ~ \.php$

So page is served, but asking http basic auth

Source
© 2021
E-mail: contact@webdevask.com
Back to top