34 lines
1.1 KiB
Plaintext
34 lines
1.1 KiB
Plaintext
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
server_name secure.*;
|
|
|
|
location / {
|
|
proxy_redirect http://127.0.0.1/ https://$host/;
|
|
proxy_pass http://oathkeeper:4455;
|
|
}
|
|
|
|
location /.ory/kratos/public/self-service/login/methods/password {
|
|
proxy_redirect http://127.0.0.1/ https://$host/;
|
|
proxy_pass http://oathkeeper:4455;
|
|
|
|
header_filter_by_lua_block {
|
|
if ngx.status >= ngx.HTTP_OK and ngx.status < ngx.HTTP_BAD_REQUEST then
|
|
local http = require("socket.http")
|
|
local sessionCookie = ""
|
|
local responseCookies = {}
|
|
for k, cookie in ipairs(ngx.header["set-cookie"]) do
|
|
local sessionCookieMatch = string.match(cookie, "(ory_kratos_session=[^;]+);")
|
|
if sessionCookieMatch then sessionCookie = sessionCookieMatch end
|
|
table.insert(responseCookies, cookie)
|
|
end
|
|
local ok, status, headers = http.request { url = "http://oathkeeper:4455/user", headers = { Cookie = sessionCookie } }
|
|
if headers["set-cookie"] then
|
|
table.insert(responseCookies, headers["set-cookie"])
|
|
ngx.header["set-cookie"] = responseCookies
|
|
end
|
|
end
|
|
}
|
|
}
|
|
}
|