Update references to remove hash router

* Update references to remove hash router

In commit 9ae2096, the redirection parameter is changed in the example `nginx.conf`, and also in other places like `internal/middlewares/identity_verification.go`:

```
- link := fmt.Sprintf("%s://%s/#%s?token=%s", ctx.XForwardedProto(),
+ link := fmt.Sprintf("%s://%s%s?token=%s", ctx.XForwardedProto(),
```
This commit is contained in:
Silver Bullet 2020-01-06 13:39:51 +08:00 committed by Clément Michaud
parent 612881ca67
commit eeefec2fac
4 changed files with 7 additions and 8 deletions

View File

@ -21,8 +21,8 @@ fortunately migration tools are provided to ease the task.
* The configuration mostly remained the same, only one major key has been added: `jwt_secret`
and one key removed: `secure` from the SMTP notifier as the Go SMTP library default to TLS
if available.
* The Hash router has been replaced by a Browser router. This means that the weird characters
/%23/ in the URL could now be safely removed.
* The Hash router has been removed and replaced with a Browser router. This means that the weird characters
/%23/ and /#/ in the redirection URL can now be safely removed.
* The local storage used for dev purpose was a `nedb` database which was implementing the
same interface as mongo but was not really standard. It has been replaced by a good old
sqlite3 database.
@ -91,4 +91,4 @@ For user-based rules, use `subject: 'user:myuser'` where `myuser` is the user yo
Please note that in the new system, the first matching rule applies and the next ones are not taken into
account. If no rule apply, the default policy still applies and if no default policy is provided, the `deny`
policy applies.
policy applies.

View File

@ -43,8 +43,7 @@ Here is a commented example of configuration
# If Authelia returns 401, then nginx redirects the user to the login portal.
# If it returns 200, then the request pass through to the backend.
# For other type of errors, nginx will handle them as usual.
# NOTE: do not forget to include /#/ representing the hash router of the web application.
error_page 401 =302 https://login.example.com:8080/#/?rd=$target_url;
error_page 401 =302 https://login.example.com:8080/?rd=$target_url;
proxy_pass $upstream_endpoint;
}
@ -80,4 +79,4 @@ Here is a commented example of configuration
}
[nginx]: https://www.nginx.com/
[nginx]: https://www.nginx.com/

View File

@ -37,7 +37,7 @@ Authelia's verification endpoint.
The ingress controller also requires the URL to the
authentication portal so that the user can be redirected if he is not
yet authenticated. This annotation is as follows:
`nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/#/"`
`nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/"`
Those annotations can be seen in `apps/apps.yml` configuration.

View File

@ -75,7 +75,7 @@ metadata:
kubernetes.io/ingress.allow-http: "false"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/auth-url: "http://authelia-service.authelia.svc.cluster.local/api/verify"
nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/#/"
nginx.ingress.kubernetes.io/auth-signin: "https://login.example.com:8080/"
spec:
tls:
- secretName: test-app-tls