On Thu, Jun 18, 2015 at 11:29 AM, Vader M. [email protected]
wrote:
I’m having trouble setting a cookie conditionally based upon
an upstream variable The hope is to cache an auth token in an
encrypted session and only go to the backend auth token generator once.
I managed to figure out how to use map to set the cookie:
map $new_auth_tok $cond_cookie_k {
'' '';
default "my_login=";
}
map $new_auth_tok $cond_cookie_v {
'' '';
default $b32_session;
}
add_header Set-Cookie $cond_cookie_k$cond_cookie_v;
However, my problem is that set_encrypt_session actually runs in the
rewrite phase before my authentication back end like this:
location / {
root /var/www;
index index.html index.htm;
set_encrypt_session $enc_auth_tok $new_auth_tok;
set_encode_base32 $b32 $enc_auth_tok;
auth_request /auth;
auth_request_set $new_auth_tok $upstream_http_auth_tok;
add_header Set-Cookie $cond_cookie_k$cond_cookie_v;
}
Is there any way to encrypt after the access phase?