From 176360fdd764c96ba2c3b509aec5609864bcc3f3 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 16 May 2021 22:18:31 +0200 Subject: [PATCH 1/2] website/docs: fix $auth_cookie not being defined in outpost docs Signed-off-by: Jens Langhammer --- website/docs/outposts/proxy.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/website/docs/outposts/proxy.mdx b/website/docs/outposts/proxy.mdx index 1da39f4e7..08e04504a 100644 --- a/website/docs/outposts/proxy.mdx +++ b/website/docs/outposts/proxy.mdx @@ -43,8 +43,10 @@ import TabItem from '@theme/TabItem'; ``` location /akprox { proxy_pass http://*ip of your outpost*:4180; - proxy_set_header X-Forwarded-Host $http_host; error_page 401 = @akprox_signin; + proxy_set_header X-Forwarded-Host $http_host; + auth_request_set $auth_cookie $upstream_http_set_cookie; + add_header Set-Cookie $auth_cookie; } location @akprox_signin { From 583271d5edf5ae556f4e2c058c4514b60a7f5a57 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 16 May 2021 22:25:55 +0200 Subject: [PATCH 2/2] root: only load debug secret key when debug is enabled Signed-off-by: Jens Langhammer --- authentik/root/settings.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 0c5eff2fa..4c706f2c7 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -53,11 +53,11 @@ STATIC_ROOT = BASE_DIR + "/static" STATICFILES_DIRS = [BASE_DIR + "/web"] MEDIA_ROOT = BASE_DIR + "/media" -SECRET_KEY = CONFIG.y( - "secret_key", "9$@r!d^1^jrn#fk#1#@ks#9&i$^s#1)_13%$rwjrhd=e8jfi_s" -) # noqa Debug - DEBUG = CONFIG.y_bool("debug") +SECRET_KEY = CONFIG.y("secret_key") +if DEBUG: + SECRET_KEY = "9$@r!d^1^jrn#fk#1#@ks#9&i$^s#1)_13%$rwjrhd=e8jfi_s" # noqa Debug # nosec + INTERNAL_IPS = ["127.0.0.1"] ALLOWED_HOSTS = ["*"] SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")