I have written an API in Go for Authentication.
- You can
POST /registerwhich will create a new user and save it in the Postgres DB Let's say I have an Ingress setup somewhat like this. - Afterward you can
POST /loginwith your credentials. This will create a session token and attach it to the cookie and creates an entry for the session in a Redis - You can also
GET /logoutwhich will revoke your token by deleting it from Redis and expiring your cookie
The API itself is also running in the kubernetes cluster in its own deployment with its own service and is also exposed via its own ingress.
Now I have a different Ingress for another service setup somewhat like this.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: foo
spec:
tls:
- hosts:
- foo.domain.com
rules:
- host: foo.domain.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: foo
port:
number: 5050
I want to setup Ingress with something similar to a Middleware in a way so every time someone wants to access the address foo.domain.com it directs the request to the Go API to check if the cookie is valid and then either allow or deny the access.
Is this possible or do I have to do it completely differently? I quite new to kubernetes so I need some help.
Thanks in advance :)
I have found this post where the answer was this:
annotations:
nginx.ingress.kubernetes.io/auth-url: "https://$host/oauth2/auth"
nginx.ingress.kubernetes.io/auth-signin: "https://$host/oauth2/start?rd=$escaped_request_uri"
But I have only found this in relation to an OAuth2 setup which I don't have.
