This repository was archived by the owner on May 26, 2020. It is now read-only.
This repository was archived by the owner on May 26, 2020. It is now read-only.
[feature] permit to use custom header instead of Authorization #472
Description
Permit to use another header than Authorization to retrieve token.
Current and suggested behavior
Current: this module permit only to use the standard header Authorization
Suggested: permit to user to define a custom header name
Why would the enhancement be useful to most users
For example:
I have a Django API which uses this module to manage authentication with JWT. I run this API in 2 environment: stage and production. Both behind a nginx proxy.
- On production: it works perfectly: my client use the
Authorizationheader to give JWT to API - On stage: I want to protect my stage environment with a password and without any change to API code.
- I configure
basic_authin nginx which use theAuthorizationheader. - Like in production, my API uses the
Authorizationheader. - I have a header conflict...
- I configure
In this example, I want to use a custom header (ex X-Authorization) in order to avoid conflict and provide both header for nginx & api authentication.
Example from stackoverflow: https://stackoverflow.com/questions/22229996/basic-http-and-bearer-token-authentication