Skip to content

refactor: use x-tinyauth-location header in tinyauth auth request#621

Open
steveiliop56 wants to merge 2 commits into
linuxserver:masterfrom
steveiliop56:refactor/x-tinyauth-location
Open

refactor: use x-tinyauth-location header in tinyauth auth request#621
steveiliop56 wants to merge 2 commits into
linuxserver:masterfrom
steveiliop56:refactor/x-tinyauth-location

Conversation

@steveiliop56

Copy link
Copy Markdown

linuxserver.io


  • I have read the contributing guideline and understand that I have made the correct modifications

Description:

Tinyauth introduced a new X-Tinyauth-Location header in the v5.0.7 version. This header allows Tinyauth to inform the reverse proxy of the location it wants the user to redirect to, avoiding the need for the custom Tinyauth login page location. It also allows for the proxy to redirect to Tinyauth's own pages for unauthorized users instead of presenting them the generic 403 error of Nginx.

Benefits of this PR and context:

As mentioned above:

This header allows Tinyauth to inform the reverse proxy of the location it wants the user to redirect to, avoiding the need for the custom Tinyauth login page location. It also allows for the proxy to redirect to Tinyauth's own pages for unauthorized users instead of presenting them the generic 403 error of Nginx.

How Has This Been Tested?

This change will impact any users who update to this newer configuration while being on an version prior to v5.0.7. This exact patch was tested with Tinyauth's users and confirmed working as expected. Exact setups unknown.

If I understand correctly, it's the user's responsibility to review proxy configurations and apply them. However if you would like to avoid any potential confusion/potential breakage of any existing setups, I recommend at least adding a login_for=app parameter in the Tinyauth login location. This additional parameter informs the Tinyauth of the scope of the login request and helps increase security. Tinyauth can work without this parameter.

Source / References:

Release adding the header: https://github.com/tinyauthapp/tinyauth/releases/tag/v5.0.7
Documentation on Nginx Proxy Manager with this header: https://tinyauth.app/docs/guides/nginx-proxy-manager

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for opening this pull request! Be sure to follow the pull request template!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Development

Successfully merging this pull request may close these issues.

2 participants