nginx-luaUsing authentication with Lua
server {
location / {
content_by_lua_block {
local user = nil
if ngx.var.http_authorization then
local auth = ngx.decode_base64(string.sub(ngx.var.http_authorization, 7))
_, _, login, pwd = string.find(auth, "(%w+):(%w+)")
if (login == 'u') and (pwd == 'pwd') then
user = login
ngx.say('success loging in')
end
end
if user == nil then
ngx.header["WWW-Authenticate"] = 'Basic realm="Restricted"'
ngx.exit(ngx.HTTP_UNAUTHORIZED)
end
}
}
}ctrl + ccontent_by_lua_blocknginx-lua module directive to specify block of Lua code | ngx.var.http_authorizationthis head is set when user enters login/password in browser |
ngx.decode_base64decode given value from base64 | login, pwd = string.find(auth, "(%w+):(%w+)")extract login and password from auth header |
(login == 'u') and (pwd == 'pwd')check login (should be | user = loginset |
if user == nil thenif not authed or wrong credentials | WWW-Authenticatesend HTTP basic auth header to request login & password from user |
Usage example
local user = nil
if ngx.var.http_authorization then
local auth = ngx.decode_base64(string.sub(ngx.var.http_authorization, 7))
_, _, login, pwd = string.find(auth, "(%w+):(%w+)")
if (login == 'u') and (pwd == 'pwd') then
user = login
ngx.say('success loging in')
end
end
if user == nil then
ngx.header["WWW-Authenticate"] = 'Basic realm="Restricted"'
ngx.exit(ngx.HTTP_UNAUTHORIZED)
endoutput
falseMore of Nginx Lua
- How to parse JSON
- How to install Nginx Lua module in Ubuntu 22.04
- How to send HTML response
- How to return 403 Forbidden status code
- How to set global variable
- How to read file
- How to sleep in code
- How to modify response header with Lua
- How to use Luarocks and other modules in Nginx Lua
- How execute shell command with Lua
See more codes...