Last active
July 16, 2021 21:39
-
-
Save harish2704/bb9bb2a104f8c29b510800f5f14363d2 to your computer and use it in GitHub Desktop.
Adminer login plugin for authenticated reverse proxy setup. for eg: auth_request in nginx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| location /dba/ { | |
| auth_request /auth/check_login/; | |
| error_page 403 /auth/login/; | |
| # Server running dba tool | |
| proxy_pass http://127.0.0.1:7777/; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| auth_request_set $auth_db_vendor $upstream_http_db_vendor; | |
| proxy_set_header db_vendor $auth_db_vendor; | |
| auth_request_set $auth_db_server $upstream_http_db_server; | |
| proxy_set_header db_server $auth_db_server; | |
| auth_request_set $auth_db_username $upstream_http_db_username; | |
| proxy_set_header db_username $auth_db_username; | |
| auth_request_set $auth_db_password $upstream_http_db_password; | |
| proxy_set_header db_password $auth_db_password; | |
| auth_request_set $auth_db_name $upstream_http_db_name; | |
| proxy_set_header db_name $auth_db_name; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * ഓം ബ്രഹ്മാർപ്പണം | |
| * plugins/proxy-login.php | |
| * Created: Sat Jul 17 2021 03:00:25 GMT+0530 (GMT+05:30) | |
| * Copyright 2021 Harish Karumuthil<[email protected]> | |
| * | |
| * This Plugin allows to run adminer behind a authenticated reverse proxy | |
| * using custom authentication method. | |
| * For example, we can use auth_request module in Nginx to authenticate | |
| * Then authntication server need to return credentials via response headers | |
| */ | |
| class AdminerProxyLogin { | |
| function __construct() { | |
| $this->vendor = $_SERVER['HTTP_DB_VENDOR']; | |
| $this->server = $_SERVER['HTTP_DB_SERVER']; | |
| $this->username = $_SERVER['HTTP_DB_USERNAME']; | |
| $this->password = $_SERVER['HTTP_DB_PASSWORD']; | |
| $this->db = $_SERVER['HTTP_DB_NAME']; | |
| $_GET['pgsql'] = $this->server; | |
| $_GET['username'] = $this->username; | |
| $_GET['db'] = $this->db; | |
| $_GET['ns'] = 'public'; | |
| $_SESSION["db"] = [ $this->vendor => [ | |
| $this->server => [ | |
| $this->username => [ | |
| $this->db => true | |
| ] | |
| ] | |
| ] ]; | |
| $_SESSION["pwds"] = [ $this->vendor => [ | |
| $this->server => [ | |
| $this->username => $this->password | |
| ] | |
| ] ]; | |
| } | |
| function credentials() { | |
| return array( SERVER, $this->username, $this->password); | |
| } | |
| function login($login, $password) { | |
| return true; | |
| } | |
| function loginForm() { | |
| echo "<hr/><b>Not allowed</b>"; | |
| return true; | |
| } | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment