Nginx password authentication keeps prompting for password

后端 未结 1 1947
日久生厌
日久生厌 2021-02-10 10:12

I want to upload a development branch of my website so that I can show it to clients and make tests in an environment as close to production as possible (with code that may not

1条回答
  •  天涯浪人
    2021-02-10 10:40

    Basic authentication uses the Authorization header to transmit user and password. Django REST also uses this header in the TokenAuthentication authentication backend. Nginx does not support multiple Authorization headers, so if you try to login and use Token authentication simultaneously, things will break.

    A solution requiring no changes to the Django app would be to use another means of authentication in nginx, e.g., client certificates, or, you can use the ngx_http_auth_request_module to check whether a signed session cookie is set/valid or if the request IP is in a (temporary) whitelist, and redirect the user to a page with a login form otherwise.

    0 讨论(0)
提交回复
热议问题