You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@apisix.apache.org by Jerry Wang <va...@gmail.com> on 2020/01/17 04:42:14 UTC
Can APISIX route to different upstream based on token authentication?
Hi,
I have two static websites (HTML and JS only). One for anonymous user and
the other is for authenticated user.
I am planning to use JWT auth plugin: Can APISIX do reverse proxy
forwarding based on token? As:
1. anonymous user access https://mydomianname/ without token (or invalid
token) forwarded to upstream A.
2. authenticated user access https://mydomianname/ with valid token
forwarded to upsteam B.
BTW: can APISIX serve static websites without setting up upstream?
Thanks,
--
Jerry WANG
Re: Can APISIX route to different upstream based on token authentication?
Posted by Zhiyuan Ju <ju...@apache.org>.
Your needs could be archived by programing plugin in my opinion. 😉
Best Regards!
@ Zhiyuan Ju <https://www.shaoyaoju.org/>
Jerry Wang <va...@gmail.com> 于2020年1月17日周五 下午12:42写道:
> Hi,
>
> I have two static websites (HTML and JS only). One for anonymous user and
> the other is for authenticated user.
>
> I am planning to use JWT auth plugin: Can APISIX do reverse proxy
> forwarding based on token? As:
>
> 1. anonymous user access https://mydomianname/ without token (or invalid
> token) forwarded to upstream A.
> 2. authenticated user access https://mydomianname/ with valid token
> forwarded to upsteam B.
>
> BTW: can APISIX serve static websites without setting up upstream?
>
> Thanks,
> --
> Jerry WANG
>
Re: Can APISIX route to different upstream based on token authentication?
Posted by YuanSheng Wang <me...@gmail.com>.
if the token is valid, it should be match to a consumer.
if the token is invalid, the authentication plugin will reject the request.
On Sat, Jan 18, 2020 at 8:53 AM Jerry Wang <va...@gmail.com> wrote:
> Thanks.
>
> Does APISIX support forwarding request to one of two upstream based on
> token validation success or fail?
>
> On Sat, Jan 18, 2020 at 1:07 AM YuanSheng Wang <me...@gmail.com> wrote:
>
> > @Jerry Wang
> >
> > Please take a look at this doc[1]. Different token means different
> > consumer.
> >
> > Here is an example, maybe it works for you:
> >
> > curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '
> > {
> > "username": "jack",
> > "plugins": {
> > "jwt-auth": {
> > "key": "user-key",
> > "secret": "my-secret-key"
> > }
> > },
> > "upstream": {
> > "type": "roundrobin",
> > "nodes": {
> > "39.97.63.215:80": 1
> > }
> > }
> > }'
> >
> > [1]
> >
> >
> https://github.com/apache/incubator-apisix/blob/master/doc/plugins/jwt-auth.md#how-to-enable
> >
> > On Fri, Jan 17, 2020 at 12:42 PM Jerry Wang <va...@gmail.com>
> wrote:
> >
> > > Hi,
> > >
> > > I have two static websites (HTML and JS only). One for anonymous user
> and
> > > the other is for authenticated user.
> > >
> > > I am planning to use JWT auth plugin: Can APISIX do reverse proxy
> > > forwarding based on token? As:
> > >
> > > 1. anonymous user access https://mydomianname/ without token (or
> invalid
> > > token) forwarded to upstream A.
> > > 2. authenticated user access https://mydomianname/ with valid token
> > > forwarded to upsteam B.
> > >
> > > BTW: can APISIX serve static websites without setting up upstream?
> > >
> > > Thanks,
> > > --
> > > Jerry WANG
> > >
> >
> >
> > --
> >
> > *MembPhis*
> > My github: https://github.com/membphis
> > Apache APISIX: https://github.com/apache/incubator-apisix
> >
>
>
> --
> Jerry WANG
>
--
*MembPhis*
My github: https://github.com/membphis
Apache APISIX: https://github.com/apache/incubator-apisix
Re: Can APISIX route to different upstream based on token authentication?
Posted by Jerry Wang <va...@gmail.com>.
Thanks.
Does APISIX support forwarding request to one of two upstream based on
token validation success or fail?
On Sat, Jan 18, 2020 at 1:07 AM YuanSheng Wang <me...@gmail.com> wrote:
> @Jerry Wang
>
> Please take a look at this doc[1]. Different token means different
> consumer.
>
> Here is an example, maybe it works for you:
>
> curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '
> {
> "username": "jack",
> "plugins": {
> "jwt-auth": {
> "key": "user-key",
> "secret": "my-secret-key"
> }
> },
> "upstream": {
> "type": "roundrobin",
> "nodes": {
> "39.97.63.215:80": 1
> }
> }
> }'
>
> [1]
>
> https://github.com/apache/incubator-apisix/blob/master/doc/plugins/jwt-auth.md#how-to-enable
>
> On Fri, Jan 17, 2020 at 12:42 PM Jerry Wang <va...@gmail.com> wrote:
>
> > Hi,
> >
> > I have two static websites (HTML and JS only). One for anonymous user and
> > the other is for authenticated user.
> >
> > I am planning to use JWT auth plugin: Can APISIX do reverse proxy
> > forwarding based on token? As:
> >
> > 1. anonymous user access https://mydomianname/ without token (or invalid
> > token) forwarded to upstream A.
> > 2. authenticated user access https://mydomianname/ with valid token
> > forwarded to upsteam B.
> >
> > BTW: can APISIX serve static websites without setting up upstream?
> >
> > Thanks,
> > --
> > Jerry WANG
> >
>
>
> --
>
> *MembPhis*
> My github: https://github.com/membphis
> Apache APISIX: https://github.com/apache/incubator-apisix
>
--
Jerry WANG
Re: Can APISIX route to different upstream based on token authentication?
Posted by YuanSheng Wang <me...@gmail.com>.
@Jerry Wang
Please take a look at this doc[1]. Different token means different consumer.
Here is an example, maybe it works for you:
curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '
{
"username": "jack",
"plugins": {
"jwt-auth": {
"key": "user-key",
"secret": "my-secret-key"
}
},
"upstream": {
"type": "roundrobin",
"nodes": {
"39.97.63.215:80": 1
}
}
}'
[1]
https://github.com/apache/incubator-apisix/blob/master/doc/plugins/jwt-auth.md#how-to-enable
On Fri, Jan 17, 2020 at 12:42 PM Jerry Wang <va...@gmail.com> wrote:
> Hi,
>
> I have two static websites (HTML and JS only). One for anonymous user and
> the other is for authenticated user.
>
> I am planning to use JWT auth plugin: Can APISIX do reverse proxy
> forwarding based on token? As:
>
> 1. anonymous user access https://mydomianname/ without token (or invalid
> token) forwarded to upstream A.
> 2. authenticated user access https://mydomianname/ with valid token
> forwarded to upsteam B.
>
> BTW: can APISIX serve static websites without setting up upstream?
>
> Thanks,
> --
> Jerry WANG
>
--
*MembPhis*
My github: https://github.com/membphis
Apache APISIX: https://github.com/apache/incubator-apisix