ueffel / caddy-basic-auth-filter Goto Github PK
View Code? Open in Web Editor NEWCaddy log filter module with a log field filter to extract the user from a basic Authorization HTTP-Header
Caddy log filter module with a log field filter to extract the user from a basic Authorization HTTP-Header
Hallo Steffen,
hier auch Steffen - ebenfalls ein Caddy-User aus Deutschland ๐
I am using your Caddy module on a domain, where different types of HTTP-Authentication are used, but mostly Basic-Auth and Digest-Auth.
My log configuration is this:
log access-log-json {
include http.log.access
output file log/access.json {
roll_size 10m
roll_local_time
roll_keep_for 365d
}
format filter {
wrap json {
time_format iso8601
time_local
}
fields {
request>tls>version tls_version TLSv
request>tls>cipher_suite tls_cipher
request>headers>Authorization basic_auth_user
}
}
}
BTW: My server block contains log_credentials
.
When Basic-Auth is used, such as curl https://playground.stbu.net -H "Authorization: Basic dGVzdHVzZXI6dGVzdA=="
, everything is perfect. The JSON log output will contain "Authorization": "testuser"
.
When Digest-Auth is used, such as curl https://playground.stbu.net -H 'Authorization: Digest username="exampleuser", realm="protected", nonce="12345678901", uri="/", response="123456789012345678901234567890", qop=auth, nc=00000911, cnonce="1234567890"
then the JSON log output will contain "Authorization": ""
.
When Bearer-Auth is used, such as curl https://playground.stbu.net -H "Authorization: Bearer 123456789012345678901234567890"
, then the JSON log output will contain "Authorization": ""
.
I would rather like to have the original value of the Authorization Header in case it is not Basic-Auth.
For example when Bearer-Auth is used, I would like to have "Authorization": "Bearer 123456789012345678901234567890"
logged instead of an empty Authorization. Ideally, in case of Digest-Auth, I would like to have the value of username="exampleuser"
, but that would contradict with this module name.
Would it be possible to implement an optional flag like "preserve_other" (request>headers>Authorization basic_auth_user preserve_other
) in this module with the logic that if this flag is provided, the original value is returned when it's not a Basic-Auth instead of return an empty string?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.