You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@apisix.apache.org by Jerry Wang <va...@gmail.com> on 2020/01/17 04:42:14 UTC

Can APISIX route to different upstream based on token authentication?

Hi,

I have two static websites (HTML and JS only). One for anonymous user and
the other is for authenticated user.

I am planning to use JWT auth plugin: Can APISIX do reverse proxy
forwarding based on token? As:

1. anonymous user access https://mydomianname/ without token (or invalid
token) forwarded to upstream A.
2. authenticated user access https://mydomianname/ with valid token
forwarded to upsteam B.

BTW: can APISIX serve static websites without setting up upstream?

Thanks,
-- 
Jerry WANG

Re: Can APISIX route to different upstream based on token authentication?

Posted by Zhiyuan Ju <ju...@apache.org>.

Your needs could be archived by programing plugin in my opinion. 😉

Best Regards!
@ Zhiyuan Ju <https://www.shaoyaoju.org/>


Jerry Wang <va...@gmail.com> 于2020年1月17日周五 下午12:42写道：

> Hi,
>
> I have two static websites (HTML and JS only). One for anonymous user and
> the other is for authenticated user.
>
> I am planning to use JWT auth plugin: Can APISIX do reverse proxy
> forwarding based on token? As:
>
> 1. anonymous user access https://mydomianname/ without token (or invalid
> token) forwarded to upstream A.
> 2. authenticated user access https://mydomianname/ with valid token
> forwarded to upsteam B.
>
> BTW: can APISIX serve static websites without setting up upstream?
>
> Thanks,
> --
> Jerry WANG
>

Re: Can APISIX route to different upstream based on token authentication?

Posted by YuanSheng Wang <me...@gmail.com>.

if the token is valid, it should be match to a consumer.
if the token is invalid, the authentication plugin will reject the request.


On Sat, Jan 18, 2020 at 8:53 AM Jerry Wang <va...@gmail.com> wrote:

> Thanks.
>
> Does APISIX support forwarding request to one of two upstream based on
> token validation success or fail?
>
> On Sat, Jan 18, 2020 at 1:07 AM YuanSheng Wang <me...@gmail.com> wrote:
>
> > @Jerry Wang
> >
> > Please take a look at this doc[1]. Different token means different
> > consumer.
> >
> > Here is an example, maybe it works for you:
> >
> > curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '
> > {
> >     "username": "jack",
> >     "plugins": {
> >         "jwt-auth": {
> >             "key": "user-key",
> >             "secret": "my-secret-key"
> >         }
> >     },
> >     "upstream": {
> >         "type": "roundrobin",
> >         "nodes": {
> >             "39.97.63.215:80": 1
> >         }
> >     }
> > }'
> >
> > [1]
> >
> >
> https://github.com/apache/incubator-apisix/blob/master/doc/plugins/jwt-auth.md#how-to-enable
> >
> > On Fri, Jan 17, 2020 at 12:42 PM Jerry Wang <va...@gmail.com>
> wrote:
> >
> > > Hi,
> > >
> > > I have two static websites (HTML and JS only). One for anonymous user
> and
> > > the other is for authenticated user.
> > >
> > > I am planning to use JWT auth plugin: Can APISIX do reverse proxy
> > > forwarding based on token? As:
> > >
> > > 1. anonymous user access https://mydomianname/ without token (or
> invalid
> > > token) forwarded to upstream A.
> > > 2. authenticated user access https://mydomianname/ with valid token
> > > forwarded to upsteam B.
> > >
> > > BTW: can APISIX serve static websites without setting up upstream?
> > >
> > > Thanks,
> > > --
> > > Jerry WANG
> > >
> >
> >
> > --
> >
> > *MembPhis*
> > My github: https://github.com/membphis
> > Apache APISIX: https://github.com/apache/incubator-apisix
> >
>
>
> --
> Jerry WANG
>


-- 

*MembPhis*
My github: https://github.com/membphis
Apache APISIX: https://github.com/apache/incubator-apisix

Re: Can APISIX route to different upstream based on token authentication?

Posted by Jerry Wang <va...@gmail.com>.

Thanks.

Does APISIX support forwarding request to one of two upstream based on
token validation success or fail?

On Sat, Jan 18, 2020 at 1:07 AM YuanSheng Wang <me...@gmail.com> wrote:

> @Jerry Wang
>
> Please take a look at this doc[1]. Different token means different
> consumer.
>
> Here is an example, maybe it works for you:
>
> curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '
> {
>     "username": "jack",
>     "plugins": {
>         "jwt-auth": {
>             "key": "user-key",
>             "secret": "my-secret-key"
>         }
>     },
>     "upstream": {
>         "type": "roundrobin",
>         "nodes": {
>             "39.97.63.215:80": 1
>         }
>     }
> }'
>
> [1]
>
> https://github.com/apache/incubator-apisix/blob/master/doc/plugins/jwt-auth.md#how-to-enable
>
> On Fri, Jan 17, 2020 at 12:42 PM Jerry Wang <va...@gmail.com> wrote:
>
> > Hi,
> >
> > I have two static websites (HTML and JS only). One for anonymous user and
> > the other is for authenticated user.
> >
> > I am planning to use JWT auth plugin: Can APISIX do reverse proxy
> > forwarding based on token? As:
> >
> > 1. anonymous user access https://mydomianname/ without token (or invalid
> > token) forwarded to upstream A.
> > 2. authenticated user access https://mydomianname/ with valid token
> > forwarded to upsteam B.
> >
> > BTW: can APISIX serve static websites without setting up upstream?
> >
> > Thanks,
> > --
> > Jerry WANG
> >
>
>
> --
>
> *MembPhis*
> My github: https://github.com/membphis
> Apache APISIX: https://github.com/apache/incubator-apisix
>


-- 
Jerry WANG

Re: Can APISIX route to different upstream based on token authentication?

Posted by YuanSheng Wang <me...@gmail.com>.

@Jerry Wang

Please take a look at this doc[1]. Different token means different consumer.

Here is an example, maybe it works for you:

curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '
{
    "username": "jack",
    "plugins": {
        "jwt-auth": {
            "key": "user-key",
            "secret": "my-secret-key"
        }
    },
    "upstream": {
        "type": "roundrobin",
        "nodes": {
            "39.97.63.215:80": 1
        }
    }
}'

[1]
https://github.com/apache/incubator-apisix/blob/master/doc/plugins/jwt-auth.md#how-to-enable

On Fri, Jan 17, 2020 at 12:42 PM Jerry Wang <va...@gmail.com> wrote:

> Hi,
>
> I have two static websites (HTML and JS only). One for anonymous user and
> the other is for authenticated user.
>
> I am planning to use JWT auth plugin: Can APISIX do reverse proxy
> forwarding based on token? As:
>
> 1. anonymous user access https://mydomianname/ without token (or invalid
> token) forwarded to upstream A.
> 2. authenticated user access https://mydomianname/ with valid token
> forwarded to upsteam B.
>
> BTW: can APISIX serve static websites without setting up upstream?
>
> Thanks,
> --
> Jerry WANG
>


-- 

*MembPhis*
My github: https://github.com/membphis
Apache APISIX: https://github.com/apache/incubator-apisix