Comments (5)
hehe i had not and stumbled upon this setting a few days ago. Didnt have time to test this yet tho. I will try this in the next few days and report back. If i cant get it to work i will gladly ask you for more support :)
from glauth-ui.
Are you setting APPLICATION_ROOT in flask?
from glauth-ui.
Also @sonicnkt feel free to ping me if you have a question like this, I have a fair bit of experience with python/flask and I'd like to support this project. Didn't see this issues until now though.
from glauth-ui.
Be aware that if you're trying to use cookie sub-domains (so you can use an example.com cookie on foo.example.com) it's not going to work on localhost
based domains. I think a bunch of people would probably want to use this on localhost, so it's something to be aware of.
Traefik will proxy the glauth server instead of the forbidden server when using it's "Authentication Based on Subrequest Result" equivalent, there might be a way to set up nginx similarly. I'm a bit tied in to traefik for complicated reasons, but the forward_auth stuff I'm working on assumes that glauth is proxied instead of the app we want to authenticate for.
Or it could be that you're doing this for some entirely different reason that has nothing to do with cookie domains, in which case ignore all that.
from glauth-ui.
Finally figured this out...
And yeah this is completely unrelated to cookies and i just didn't want to serve the ui in the root of my domain but from a subdirectory.
Since we are using gunicorn for deployment this is completely configured outside of flask and no SERVER_NAME
or APPLICATION_ROOT
needs to be manually set if you have correct proxy forwarding working. You only have to tell gunicorn that it should serve this from a subdirectory/prefix.
To get this working add the SCRIPT_NAME
environment variable to the docker-compose.yml
, for example:
SCRIPT_NAME=/account
And configure your proxy like this (nginx):
server {
listen 443 ssl http2;
server_name subdomain.example.com;
include /etc/nginx/ssl-stuff.conf; # SSL Certificates, keys etc
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
... your other locations ...
location /account/ {
proxy_pass http://127.0.0.1:3005/account/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
}
It is important that you also set the path/prefix in the proxy_pass setting.
After this everything works fine and you can access https://subdomain.example.com/account/
, all generated urls are correct.
from glauth-ui.
Related Issues (12)
- Provide a sample docker-compose file that includes launching a glauth server? HOT 1
- Error - "unable to open database file" when using bind mount HOT 2
- Missing options in glauth settings tab HOT 2
- Use existing glauth environment? HOT 4
- Changing UID breaks group associations HOT 1
- Still active HOT 7
- Include an OAuth server HOT 7
- No license HOT 2
- "Internal Server Error" after Login HOT 1
- Generate secret key during first run and store it in the database HOT 5
- Disable browser autofill on new password forms HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from glauth-ui.