Added support for private apis

This commit is contained in:
2025-06-02 01:42:17 +02:00
parent b0162abb88
commit 54f7e5536a
21 changed files with 527 additions and 244 deletions
@@ -0,0 +1,40 @@
import os
import logging
from http.server import BaseHTTPRequestHandler, HTTPServer
# Configure logging
logging.basicConfig(
level=logging.INFO,
format="%(asctime)s [%(levelname)s] %(message)s"
)
EXPECTED_TOKEN = os.getenv("AUTH_TOKEN", "")
class AuthHandler(BaseHTTPRequestHandler):
def do_GET(self):
auth = self.headers.get('Authorization')
# Log request info
client_ip = self.client_address[0]
logging.info(f"Auth request from {client_ip}")
if auth == f"Bearer {EXPECTED_TOKEN}":
logging.info("Authentication successful")
self.send_response(200)
else:
logging.warning("Authentication failed")
self.send_response(401)
self.end_headers()
def log_message(self, format, *args):
# Suppress default BaseHTTPRequestHandler logging
return
if __name__ == '__main__':
if not EXPECTED_TOKEN:
logging.error("AUTH_TOKEN environment variable not set. Exiting.")
exit(1)
server = HTTPServer(('', 5000), AuthHandler)
logging.info("Auth server running on port 5000...")
server.serve_forever()
@@ -10,9 +10,24 @@ server {
%{ if custom_snippet != "" ~}
${custom_snippet}
%{ endif ~}
%{ if auth ~}
location = /auth {
internal;
proxy_pass http://localhost:5000/;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header Authorization $http_authorization;
}
%{ endif }
%{ for l in locations ~}
location ${l.path} {
proxy_pass ${upstream};
%{ if l.private ~}
auth_request /auth;
%{ endif ~}
%{ if l.rewrite != "" ~}
rewrite ${l.rewrite};
%{ endif ~}
proxy_pass %{ if l.upstream != "" ~}${l.upstream}%{ else ~}${upstream}%{ endif ~};
proxy_http_version 1.1;
%{ for k,v in l.headers ~}
proxy_set_header ${k} ${v};