Public Repository

Last pushed: a year ago
Short Description
A container running a small webserver and script to authenticate through access tokens.
Full Description

Auth Proxy

Docker-Nginx-Token-Auth-Proxy is a proxy which verifies request through tokens.

A simple php script verifies each request. This script is bundled in a docker container.
The docker container the script runs in is based on alpine linux using apache and php.

You can use this container in combination with a nginx proxy or another container (of nginx) to verify access.
For example I use it have control over requests to my jwilder/nginx-proxy.

Docker

As explained above the php scripts are wrapped by a docker container.

Usage

You can start the container like this:

docker run -d jdoubleu/simple-token-auth-proxy:latest

Options

Due to theres a webserver running in the container and it's using the default port 80 you need to exposes this port, or, like in my case, connect the
container to another container.

It's recommended to overlay the tokens file (tokens.json) with one of the file system of the docker host.

docker run -d -v /path/to/my/tokensfile:/app/tokens.json jdoubleu/simple-token-auth-proxy:latest

You can also overlay the log file(s):

docker run -d -v /path/to/my/logfile:/var/log/auth/logifle jdoubleu/simple-token-auth-proxy:latest

By default the configuration inside the docker will only create one logfile. If you want to create multiple, for each request, change the config, like described
down below, by also overlaying the CREATE_LOGS file in the /app folder of the container.

Script

To authenticate a simple PHP scripts is used. You can find the Script in the src/ folder.

If you want to run the script on your own service you only need to copy/download the src/ folder.

Requirements

PHP 5.6+ is required. All other versions are not checked.

Usage

Either add a header named ACCESS-TOKEN to your request or add a query parameter named access_token to the uri.

Example:

  • E.g. with header:
    curl -H 'ACCESS-TOKEN: mysecretaccestoken' https://server.tld/path/to/auth.php
    
  • E.g. with query param:
    curl https://server.tld/path/to/auth.php?access_token=mysecretaccesstoken
    

Options

Copy the tokens.example.json to tokens.json and adapt it for your needs.
Each token it it, also those who are nested, will be checked against.

Logging

To enable logging create a file named CREATE_LOGS.

You can either provide a path in this file in which new logfiles would be created for each request or you can provide a filename at which the log will be appended.

Note that the file or the path need to be writable by php.

Docker Pull Command
Owner
jdoubleu

Comments (0)