mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
Update references to remove hash router
* Update references to remove hash router
In commit 9ae2096
, the redirection parameter is changed in the example `nginx.conf`, and also in other places like `internal/middlewares/identity_verification.go`:
```
- link := fmt.Sprintf("%s://%s/#%s?token=%s", ctx.XForwardedProto(),
+ link := fmt.Sprintf("%s://%s%s?token=%s", ctx.XForwardedProto(),
```
This commit is contained in:
parent
612881ca67
commit
eeefec2fac
|
@ -21,8 +21,8 @@ fortunately migration tools are provided to ease the task.
|
|||
* The configuration mostly remained the same, only one major key has been added: `jwt_secret`
|
||||
and one key removed: `secure` from the SMTP notifier as the Go SMTP library default to TLS
|
||||
if available.
|
||||
* The Hash router has been replaced by a Browser router. This means that the weird characters
|
||||
/%23/ in the URL could now be safely removed.
|
||||
* The Hash router has been removed and replaced with a Browser router. This means that the weird characters
|
||||
/%23/ and /#/ in the redirection URL can now be safely removed.
|
||||
* The local storage used for dev purpose was a `nedb` database which was implementing the
|
||||
same interface as mongo but was not really standard. It has been replaced by a good old
|
||||
sqlite3 database.
|
||||
|
@ -91,4 +91,4 @@ For user-based rules, use `subject: 'user:myuser'` where `myuser` is the user yo
|
|||
|
||||
Please note that in the new system, the first matching rule applies and the next ones are not taken into
|
||||
account. If no rule apply, the default policy still applies and if no default policy is provided, the `deny`
|
||||
policy applies.
|
||||
policy applies.
|
||||
|
|
|
@ -43,8 +43,7 @@ Here is a commented example of configuration
|
|||
# If Authelia returns 401, then nginx redirects the user to the login portal.
|
||||
# If it returns 200, then the request pass through to the backend.
|
||||
# For other type of errors, nginx will handle them as usual.
|
||||
# NOTE: do not forget to include /#/ representing the hash router of the web application.
|
||||
error_page 401 =302 https://login.example.com:8080/#/?rd=$target_url;
|
||||
error_page 401 =302 https://login.example.com:8080/?rd=$target_url;
|
||||
|
||||
proxy_pass $upstream_endpoint;
|
||||
}
|
||||
|
@ -80,4 +79,4 @@ Here is a commented example of configuration
|
|||
}
|
||||
|
||||
|
||||
[nginx]: https://www.nginx.com/
|
||||
[nginx]: https://www.nginx.com/
|
||||
|
|
|
@ -37,7 +37,7 @@ Authelia's verification endpoint.
|
|||
The ingress controller also requires the URL to the
|
||||
authentication portal so that the user can be redirected if he is not
|
||||
yet authenticated. This annotation is as follows:
|
||||
`nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/#/"`
|
||||
`nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/"`
|
||||
|
||||
Those annotations can be seen in `apps/apps.yml` configuration.
|
||||
|
||||
|
|
|
@ -75,7 +75,7 @@ metadata:
|
|||
kubernetes.io/ingress.allow-http: "false"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/auth-url: "http://authelia-service.authelia.svc.cluster.local/api/verify"
|
||||
nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/#/"
|
||||
nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/"
|
||||
spec:
|
||||
tls:
|
||||
- secretName: test-app-tls
|
||||
|
|
Loading…
Reference in New Issue
Block a user