1

这是我的 nginx 配置文件:

location ~* ^/admin-panel/rest/(.*) {
    auth_request        /admin/admin_authentication/check_access?url=$request_uri;

    proxy_set_header    Host        $host;
    proxy_set_header    X-Real-IP   $remote_addr;

    resolver 127.0.0.11 ipv6=off;

    proxy_pass        http://nginx:8000/$1$is_args$args;
}

我想$request_uri作为GET参数发送到我的身份验证服务。但我得到这样的错误:

2019/06/23 06:30:07 [error] 6#6: *5 auth request unexpected status: 
404 while sending to client, client: 192.168.224.1, server: , request: 
"POST /admin-panel/rest/update HTTP/1.1", host: "localhost"
2019/06/23 06:30:07 [error] 6#6: *8 auth request unexpected status: 
404 while sending to client, client: 192.168.224.1, server: , request: 
"POST /admin-panel/rest/update HTTP/1.1", host: "localhost"
2019/06/23 06:31:56 [error] 6#6: *1 auth request unexpected status: 
404 while sending to client, client: 192.168.224.1, server: , request: 
"POST /admin-panel/rest/update HTTP/1.1", host: "localhost"
2019/06/23 06:31:57 [error] 6#6: *3 auth request unexpected status: 
404 while sending to client, client: 192.168.224.1, server: , request: 
"POST /admin-panel/rest/update HTTP/1.1", host: "localhost"

当我删除?url=$request_uri部分时auth_request,一切正常

4

1 回答 1

3

通过使用lua-nginx-module(或openresty docker映像),您可以使用access_by_lua_block而不是auth_request这样:

location ~* ^/admin-panel/rest/(.*) {
    access_by_lua_block {
        local res = ngx.location.capture("/admin/admin_authentication/check_access?url=" .. ngx.var.request_uri)

        if res.status == ngx.HTTP_OK then
            return
        end

        if res.status == ngx.HTTP_FORBIDDEN then
            ngx.exit(res.status)
        end

        ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)
    }

    proxy_set_header    Host        $host;
    proxy_set_header    X-Real-IP   $remote_addr;

    resolver 127.0.0.11 ipv6=off;

    proxy_pass        http://nginx:8000/$1$is_args$args;
}

实际上,此代码使用 Lua 连接运算符实现auth_requestaccess_by_lua_block创建 URL ..

于 2019-07-14T12:28:32.593 回答