github-mirror/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2026-04-08 13:46:14 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added support for reading auth header from env variable

Browse Source
This commit is contained in:
Marc Ole Bulling 2022-01-13 00:01:48 +01:00
parent 8ec0d9319b
commit d82fafe722
2 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config-dist.php
View File

@ -76,6 +76,8 @@ Setting('AUTH_CLASS', 'Grocy\Middleware\DefaultAuthMiddleware');
// When using ReverseProxyAuthMiddleware, // When using ReverseProxyAuthMiddleware,
// the name of the HTTP header which your reverse proxy uses to pass the username (on successful authentication) // the name of the HTTP header which your reverse proxy uses to pass the username (on successful authentication)
Setting('REVERSE_PROXY_AUTH_HEADER', 'REMOTE_USER'); Setting('REVERSE_PROXY_AUTH_HEADER', 'REMOTE_USER');
// When using ReverseProxyAuthMiddleware, set to true if the username is passed as environment variable
Setting('REVERSE_PROXY_AUTH_USE_ENV', false);
// LDAP options when using LdapAuthMiddleware // LDAP options when using LdapAuthMiddleware
Setting('LDAP_ADDRESS', ''); // Example value "ldap://vm-dc2019.local.berrnd.net" Setting('LDAP_ADDRESS', ''); // Example value "ldap://vm-dc2019.local.berrnd.net"

22
middleware/ReverseProxyAuthMiddleware.php
View File

@ -22,13 +22,25 @@ class ReverseProxyAuthMiddleware extends AuthMiddleware
return $user; return $user;
} }
$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER); if (GROCY_REVERSE_PROXY_AUTH_USE_ENV)
if (count($username) !== 1)
{ {
// Invalid configuration of Proxy $username = $_SERVER[GROCY_REVERSE_PROXY_AUTH_HEADER];
throw new \Exception('ReverseProxyAuthMiddleware: ' . GROCY_REVERSE_PROXY_AUTH_HEADER . ' header is missing or invalid'); if (strlen($username) === 0)
{
// Invalid configuration of Proxy
throw new \Exception('ReverseProxyAuthMiddleware: ' . GROCY_REVERSE_PROXY_AUTH_HEADER . ' header is missing or invalid');
}
} else {
$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER);
if (count($username) !== 1)
{
// Invalid configuration of Proxy
throw new \Exception('ReverseProxyAuthMiddleware: ' . GROCY_REVERSE_PROXY_AUTH_HEADER . ' header is missing or invalid');
}
$username = $username[0];
} }
$username = $username[0];
$user = $db->users()->where('username', $username)->fetch(); $user = $db->users()->where('username', $username)->fetch();
if ($user == null) if ($user == null)