30 lines
828 B
Caddyfile
30 lines
828 B
Caddyfile
localhost {
|
|
import auth/setup
|
|
# Only users with myapp:reports and auth admin permissions
|
|
handle_path /reports {
|
|
import auth/require perm=myapp:reports&perm=auth:admin
|
|
respond "Reports area (protected) for {http.request.header.remote-org-name}" 200
|
|
}
|
|
# Public paths (no auth)
|
|
@public path /favicon.ico /.well-known/*
|
|
handle @public {
|
|
reverse_proxy :3000
|
|
}
|
|
# Respond with user's display name
|
|
handle_path /hello {
|
|
import auth/require ""
|
|
respond "Hello, {http.request.header.remote-name}! Your permissions: {http.request.header.remote-groups}" 200
|
|
}
|
|
# Default route, requires authentication but no authorization
|
|
handle {
|
|
import auth/require ""
|
|
reverse_proxy :3000
|
|
}
|
|
}
|
|
|
|
localhost:4404 {
|
|
# Full site protected, /auth/ reserved for auth service
|
|
import auth/all perm=auth:admin {
|
|
reverse_proxy :3000
|
|
}
|
|
} |