Docker-Nginx-Token-Auth-Proxy is a proxy which verifies request through tokens.
A simple php script verifies each request. This script is bundled in a docker container.
The docker container the script runs in is based on alpine linux using apache and php.
You can use this container in combination with a nginx proxy or another container (of nginx) to verify access.
For example I use it have control over requests to my
As explained above the php scripts are wrapped by a docker container.
You can start the container like this:
docker run -d jdoubleu/simple-token-auth-proxy:latest
Due to theres a webserver running in the container and it's using the default port
80 you need to exposes this port, or, like in my case, connect the
container to another container.
It's recommended to overlay the tokens file (
tokens.json) with one of the file system of the docker host.
docker run -d -v /path/to/my/tokensfile:/app/tokens.json jdoubleu/simple-token-auth-proxy:latest
You can also overlay the log file(s):
docker run -d -v /path/to/my/logfile:/var/log/auth/logifle jdoubleu/simple-token-auth-proxy:latest
By default the configuration inside the docker will only create one logfile. If you want to create multiple, for each request, change the config, like described
down below, by also overlaying the
CREATE_LOGS file in the
/app folder of the container.
To authenticate a simple PHP scripts is used. You can find the Script in the
If you want to run the script on your own service you only need to copy/download the
PHP 5.6+ is required. All other versions are not checked.
Either add a header named
ACCESS-TOKEN to your request or add a query parameter named
access_token to the uri.
- E.g. with header:
curl -H 'ACCESS-TOKEN: mysecretaccestoken' https://server.tld/path/to/auth.php
- E.g. with query param:
tokens.json and adapt it for your needs.
Each token it it, also those who are nested, will be checked against.
To enable logging create a file named
You can either provide a path in this file in which new logfiles would be created for each request or you can provide a filename at which the log will be appended.
Note that the file or the path need to be writable by php.