Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: ability for reverse proxy to enforce own auth scheme #102

Merged
merged 3 commits into from
Feb 16, 2022
Merged

feat: ability for reverse proxy to enforce own auth scheme #102

merged 3 commits into from
Feb 16, 2022

Conversation

theborakompanioni
Copy link
Collaborator

A reverse proxy must be used in order to use this application. Since such a proxy might want to enforce it's own authentication mechanism, a small adaption is needed how requests to jmwalletd are constructed and forwarded.

This change includes sending the bearer token via a header named x-jm-authorization instead of Authorization in order for the reverse proxy to use the Authorization header for it's own purposes.

From this change onward, any reverse proxy that wants to deliver this application must forward the x-jm-authorization header as Authorization header to jmwalletd. No other changes are needed for the development environment.

@theborakompanioni theborakompanioni requested a review from a user February 16, 2022 10:08
@theborakompanioni theborakompanioni self-assigned this Feb 16, 2022
@theborakompanioni theborakompanioni added concept Wild idea, or too many details unknown yet security Issues related to security; could lead to loss of funds labels Feb 16, 2022
@theborakompanioni theborakompanioni mentioned this pull request Feb 16, 2022
Merged
ghost
ghost reviewed Feb 16, 2022
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pragmatic solution. Nice!

src/libs/JmWalletApi.js Outdated Show resolved Hide resolved
src/setupProxy.js Outdated Show resolved Hide resolved
src/setupProxy.js Outdated Show resolved Hide resolved
theborakompanioni and others added 2 commits February 16, 2022 11:36
@theborakompanioni
review: capitalize auth header in reverse proxy
f2b17e6
@theborakompanioni
Update src/libs/JmWalletApi.js
1e9d05b 
Co-authored-by: Daniel <10026790+dnlggr@users.noreply.github.com>
@ghost
Copy link

ghost commented Feb 16, 2022

Linking joinmarket-webui/jam-docker#12 for reference.

@theborakompanioni theborakompanioni requested a review from a user February 16, 2022 12:48
ghost
ghost approved these changes Feb 16, 2022
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested with in regtest (#99). LGTM! ✅

@theborakompanioni theborakompanioni merged commit 5b7fc98 into master Feb 16, 2022
@theborakompanioni theborakompanioni deleted the tbk/devel/x-jm-authorization branch February 16, 2022 13:14
@dergigi dergigi linked an issue Feb 22, 2022 that may be closed by this pull request
Additional protection for web interface (access control) #75
Closed
@ghost ghost mentioned this pull request Feb 22, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
Assignees

@theborakompanioni theborakompanioni

Labels
concept Wild idea, or too many details unknown yet security Issues related to security; could lead to loss of funds
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Additional protection for web interface (access control)
1 participant
@theborakompanioni