Update references to remove hash router

* Update references to remove hash router

In commit 9ae2096, the redirection parameter is changed in the example `nginx.conf`, and also in other places like `internal/middlewares/identity_verification.go`:

```
- link := fmt.Sprintf("%s://%s/#%s?token=%s", ctx.XForwardedProto(),
+ link := fmt.Sprintf("%s://%s%s?token=%s", ctx.XForwardedProto(),
```
This commit is contained in:
Silver Bullet 2020-01-06 13:39:51 +08:00 committed by Clément Michaud
parent 612881ca67
commit eeefec2fac
4 changed files with 7 additions and 8 deletions

View File

@ -21,8 +21,8 @@ fortunately migration tools are provided to ease the task.
* The configuration mostly remained the same, only one major key has been added: `jwt_secret` * The configuration mostly remained the same, only one major key has been added: `jwt_secret`
and one key removed: `secure` from the SMTP notifier as the Go SMTP library default to TLS and one key removed: `secure` from the SMTP notifier as the Go SMTP library default to TLS
if available. if available.
* The Hash router has been replaced by a Browser router. This means that the weird characters * The Hash router has been removed and replaced with a Browser router. This means that the weird characters
/%23/ in the URL could now be safely removed. /%23/ and /#/ in the redirection URL can now be safely removed.
* The local storage used for dev purpose was a `nedb` database which was implementing the * The local storage used for dev purpose was a `nedb` database which was implementing the
same interface as mongo but was not really standard. It has been replaced by a good old same interface as mongo but was not really standard. It has been replaced by a good old
sqlite3 database. sqlite3 database.

View File

@ -43,8 +43,7 @@ Here is a commented example of configuration
# If Authelia returns 401, then nginx redirects the user to the login portal. # If Authelia returns 401, then nginx redirects the user to the login portal.
# If it returns 200, then the request pass through to the backend. # If it returns 200, then the request pass through to the backend.
# For other type of errors, nginx will handle them as usual. # For other type of errors, nginx will handle them as usual.
# NOTE: do not forget to include /#/ representing the hash router of the web application. error_page 401 =302 https://login.example.com:8080/?rd=$target_url;
error_page 401 =302 https://login.example.com:8080/#/?rd=$target_url;
proxy_pass $upstream_endpoint; proxy_pass $upstream_endpoint;
} }

View File

@ -37,7 +37,7 @@ Authelia's verification endpoint.
The ingress controller also requires the URL to the The ingress controller also requires the URL to the
authentication portal so that the user can be redirected if he is not authentication portal so that the user can be redirected if he is not
yet authenticated. This annotation is as follows: yet authenticated. This annotation is as follows:
`nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/#/"` `nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/"`
Those annotations can be seen in `apps/apps.yml` configuration. Those annotations can be seen in `apps/apps.yml` configuration.

View File

@ -75,7 +75,7 @@ metadata:
kubernetes.io/ingress.allow-http: "false" kubernetes.io/ingress.allow-http: "false"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/auth-url: "http://authelia-service.authelia.svc.cluster.local/api/verify" nginx.ingress.kubernetes.io/auth-url: "http://authelia-service.authelia.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/#/" nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/"
spec: spec:
tls: tls:
- secretName: test-app-tls - secretName: test-app-tls