3

How do I store and retrieve the original request location (/secure) to return a user back to that location when they log in?

Everything works really well for Nginx auth_request. If a user is authenticated, the internal /access_token returns 200 and access to /secure location proceeds.

If a user is not authenticated, then /access_token location returns a 401 and the user is redirected to a login page.

location / {
    include proxy_params.conf;
    proxy_pass http://172.31.25.103:3030;
    
    location /secure {
      auth_request /access_token;
      auth_request_set $auth_status $upstream_status;
      auth_request_set $auth_cookie $upstream_http_set_cookie;
      add_header X-Payload $payload;
      add_header X-Location_se $request;
    }

  }

# ...

location /access_token { #internal
    internal;
    include proxy_params.conf;
    proxy_pass @authserver;
    proxy_pass_request_body off;
    proxy_set_header Content-Length "";
    proxy_set_header X-Payload $payload;
    add_header X-Payload_at $payload;
  }  

  error_page 401 = @error401;

  location @error401 {
    add_header X-Success-Redirect $request;
    return 302 '/login/';
  }

After a user logs in, I would like to have it return them back to the original /secure location now that they have signed in and obtained credentials?

Peter Jaffray
  • 63
  • 13
  • I think it is your backend should be responsible for issuing that redirect, and in your error 401 handler you should pass that return URI to your backend, something like `return 302 /login/?returnto=$request_uri;` – Ivan Shatsky Jun 28 '22 at 23:07
  • ```location @error401 { add_header X-Success-Redirect $request_uri; add_header Set-Cookie "original_request=$request; path=/; secure; HttpOnly;"; return 302 '/login/?returnto=$request_uri'; } – Peter Jaffray Jun 29 '22 at 01:36

0 Answers0