django - Nginx password authentication keeps prompting for password -

-

i want upload development branch of website can show clients , make tests in environment close production possible (with code may not ready production). password protect site.

i'm developing website using django , use nginx serving website (with uwsgi). manage prompted password applying following directives:

auth_basic "restricted content";  # tried "private property" auth_basic_user_file /etc/nginx/.htpasswd;

but problem after entering first password properly, keeps prompting me user & password again; if every api call need authenticated.

i think issue might configuration file, here's site.conf file:

server {     listen 80;     server_name panel.mysite.dev;     root /path/to/my/app/front/dist;      ### i've tried 'auth_basic' here      location / {          root /path/to/my/app/front/dist;         index index.html;          auth_basic "private property";         auth_basic_user_file /etc/nginx/.htpasswd;     }     location /media {         rewrite ^(.*)$ http://media.mysite.dev$1;     }     location /static {         rewrite ^(.*)$ http://static.mysite.dev$1;     }  }  server {     listen 80;     server_name api.mysite.dev;      ### i've tried 'auth_basic' here      location /api {         client_max_body_size 25m;         uwsgi_pass unix:/tmp/api.mysite.dev.sock;         include /path/to/my/app/back/uwsgi_params;     }  } server {     listen 80;     server_name media.mysite.dev;     root /path/to/my/app/media;     add_header 'access-control-allow-origin' '.*\.mysite\.[com|dev]';      location / {         root /path/to/my/app/media;     } } server {     listen 80;     server_name static.mysite.dev;     root /path/to/my/app/static;     if ($http_origin ~* (https?://.*\.mysite\.[com|dev](:[0-9]+)?)) {         set $cors "true";     }     location / {         if ($cors = "true") {             add_header 'access-control-allow-origin' "$http_origin";         }     } }

my question: there way remember password once entered , allow authenticated users navigate easily? or missing trivial?

edit: in django settings.py:

authentication_backends = (     'oauth2_provider.backends.oauth2backend',     'django.contrib.auth.backends.modelbackend',     'allauth.account.auth_backends.authenticationbackend', ) ... rest_framework = {     ...     default_authentication_classes': (         'rest_framework.authentication.tokenauthentication',         'oauth2_provider.ext.rest_framework.oauth2authentication',     ),

thank in advance. appreciated

basic authentication uses authorization header transmit user , password. django rest also uses header in tokenauthentication authentication backend. nginx does not support multiple authorization headers, if try login , use token authentication simultaneously, things break.

a solution requiring no changes django app use means of authentication in nginx, e.g., client certificates, or, can use ngx_http_auth_request_module check whether signed session cookie set/valid or if request ip in (temporary) whitelist, , redirect user page login form otherwise.


Comments

Post a Comment

Popular posts from this blog

java - Run spring boot application error: Cannot instantiate interface org.springframework.context.ApplicationListener -

-
i have spring project , try make use spring boot , run @ embadded tomcat following : https://spring.io/guides/gs/rest-service/ this application //@configuration //@enableaspectjautoproxy @springbootapplication @componentscan(basepackages = "gux.prome") public class application { public static void main(string[] args) { springapplication.run(application.class, args); } } if use maven command: mvn spring-boot:run , project starts fine, need debug , run main method @ intelij, exception occurs: exception in thread "main" java.lang.illegalargumentexception: cannot instantiate interface org.springframework.context.applicationlistener : org.springframework.boot.logging.classpathloggingapplicationlistener @ org.springframework.boot.springapplication.createspringfactoriesinstances(springapplication.java:414) @ org.springframework.boot.springapplication.getspringfactoriesinstances(springapplication.java:394) @ org.springframework.bo...
Read more

python - pip wont install .WHL files -

-
when try install .whl gohike typing cmd c:\users\owner\downloads>pip install ta_lib-0.4.9-cp27-none-win_amd64.whl i print out: `processing c:\users\owner\downloads\ta_lib-0.4.9-cp27-none-win_amd64.whl complete output command python setup.py egg_info: traceback <most recent call last>: file "<string>", line 1, in <module> ioerror: [errno 2] no such file or directory:'c:\\users\\owner\\appdata\\lo cal\\temp\\pip-9gwk2c-build\\setup.py' ----------------------------------------- command "python setup.py egg_info" failed error code 1 in c:\users\owner\ap pdata\local\temp\pip-9gwk2c-build\` the part between pip- , -build in pip-9gwk2c-build different on same file. i asked python 2.7.11 pip 8.0.3 can't install gohike whl of ta-lib 0.4.9 few days ago , decided ask differently. can me! you have outdated pip not understand wheels. wheels not supposed have setup.py inside. try upgrading pip pip in...
Read more

Excel VBA "Microsoft Windows Common Controls 6.0 (SP6)" Location Changes -

-
i have excel workbook used generate quotations customers. there main page user inputs data, , there buttons generate various pdfs , send them customer. however, 1 user consistently getting error preventing generating , sending pdfs. i beleive "microsoft windows common controls 6.0 (sp6)". it's installed on users' computers. on mine, location "c:\windows\syswow64\mscomctl.ocx" on others "c:\windows\system32\mscomctl.ocx" the user experiencing issues on 32-bit machine, "mscomctl.ocx" file should in system32. have manually put in there, , pointed common controls reference in vba it. issue seems keep reverting looking in syswow64. since folder doesn't exist, can't find it, , can't produce pdfs. i thought perhaps issue user running older version of office (2007) there users on 2013 , 2016. thought perhaps mixture of 64-bit , 32-bit users. user gets sent workbook other users (as quotation process goes further, gets passed ...
Read more