Using Nginx auth in PHP scripts

Hello,

The only information I got on the Web was to protect folders with Nginx
auth, just like the plein old Apache’s .htaccess.

I am already using AuthPlain to secure a folder with Nginx, using PHP
scripts inside.
I wonder if it was possible to use Nginx auth information inside those
PHP
scripts.

More precisely, I would have a directory protected with AuthPlain and I
would have a script (let’s call it index.php) being called when the
authentication is successful.
The AuthPlain has several users registered and I would like to know if
index.php might be aware who logged in to welcom him with his/her
username.

Am I dreaming too much ?

B. R.

Thanks, I learned something there.

But does the auth_basic
modulehttp://nginx.org/en/docs/http/ngx_http_auth_basic_module.htmlallows
you to load the username in a Nginx variable?
From what I understand everything is processed internally.


B. R.

You can pass environment vars to PHP no problem…

Eg: if you set up geoip in nginx.conf

geoip_country /usr/share/GeoIP/GeoIP.dat;

this makes $geoip_country_code available to your nginx config.

If you then set
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;

then

$_SERVER[‘GEOIP_COUNTRY_CODE’] is then available to php.

This can be done for any variable set within nginx.

hth,

Stve

On Tue, Feb 26, 2013 at 04:23:14PM -0500, B.R. wrote:

Hi there,

But does the auth_basic
modulehttp://nginx.org/en/docs/http/ngx_http_auth_basic_module.htmlallows
you to load the username in a Nginx variable?
From what I understand everything is processed internally.

http://nginx.org/en/docs/http/ngx_http_core_module.html#variables

$remote_user is what you want as the nginx variable, if you are using
http basic authentication.

f

Francis D. [email protected]

Thanks to both of you, I got the info I was seeking for.

However, when I try to activate the fastcgi_param, the content doesn’t
seem
to reach PHP anymore.
No error logged neither in Nginx nor PHP it seems.
I feel like I am a noob… oO

server {
listen 80;
server_name ~ab.cd$;
root /var/web/$host;
index index.html index.php;
try_files $uri $uri/ =404;
access_log /var/log/nginx/ab.cd/access.log main;
error_log /var/log/nginx/ab.cd/error.log warn;
include conf.d/includes/fastcgi.conf;
auth_basic “Get out!”;
auth_basic_user_file /var/web/ab.cd.htpasswd;

    location ~ \.php$ {
            fastcgi_pass    unix:/var/run/php-fpm.sock;

            #If the following is activated, no more PHP output...

Something is wrong

fastcgi_param MY_GREAT_USER $remote_user;

    }

}


B. R.

It’s my understanding the $remote_user is available.

Sorry, a poor example. Could have used one that answers your question
directly…

Steve

Thanks for your great help!

Now I think I got it all.
Well it was non-sense to put fastcgi out of the PHP location anyway…
but
I didn’t know about the environment problem.
I’ll try to think about that next time something I play with Nginx
configuration.

Everything is OK now.


B. R.

On Tue, Feb 26, 2013 at 05:26:49PM -0500, B.R. wrote:

I feel like I am a noob… oO

The problem is due to how nginx directives are inherited to different
levels. It’s consistent within nginx, so once you learn it you can apply
it to all directives which inherit.

Just put your new fastcgi_param directive at the same level as the
others
(which are in the “include” file).

So, either:

    include         conf.d/includes/fastcgi.conf;

put “fastcgi_param” here, or

fastcgi_param MY_GREAT_USER $remote_user;

put “include” here.

f

Francis D. [email protected]

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs