如何配置nginx将用户信息传递给wsgi/flask

Question

我有一个nginx http服务器，它对用户进行身份验证，并通过wsgi将已验证的请求传递给Flask应用程序。当我从烧瓶应用程序打印整个标题时，没有用户信息可用。

是否有可能让nginx在请求头中包含用户名？

下面是认证配置服务器块...

server { 
    listen 80; 
    server_name notes.example.org; 
    return 301 https://$server_name$request_uri; 
} 

server { 


    # SSL configuration 

    listen 443; 
    listen [::]:443; 
    include snippets/ssl-example.org.conf; 
    include snippets/ssl-params.conf; 
    server_name notes.example.org; 

    location/{ 
     auth_basic "Restricted Content"; 
     auth_basic_user_file /path/to/passwd/file; 
     include uwsgi_params; 
     uwsgi_pass unix:/path/to/wsgi/socket; 
    } 


} 

请求头由下WSGI运行应用所看到...

Authorization: Basic **************== 
Content-Length: 0 
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36 
Dnt: 1 
Host: notes.example.org 
Upgrade-Insecure-Requests: 1 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 
Accept-Language: en-US,en;q=0.8 
Content-Type: 
Accept-Encoding: gzip, deflate, sdch, br 

Answer 1

在这里，您正在使用HTTP基本身份验证选项，在nginx服务器给出成功的反馈后，浏览器发送username:password的base64。 只是使用Python的base64模块获取用户名密码&，

>>> from base64 import b64decode 
>>> authorization_header = "dXNlcm5hbWU6cGFzc3dvcmQ=" # value from flask request header 
>>> details = b64decode("dXNlcm5hbWU6cGFzc3dvcmQ=") 
>>> username, password = details.split(':') 
>>> username 
'username' 
>>> password 
'password' 
>>>