Authentication on NGINX aganist Tornado

Question

well, I just setup NGINX and now its working. As my BackEnd WebServer under NGINX I have Python Tornado running:

I only use NGINX for allow big uploads (large-sized), so one of my URL (for upload) is served on NGINX and the rest of URLs are served by Tornado.

I use Sessions provided by Tornado (running at http://localhost:8080/), and NGINX is running at http://localhost:8888/;

Well this is my nginx config file:

location /images/upload {

            upload_pass /after_upload;
            .....
            .....
            .....
}


location /after_upload {
        proxy_pass   http://localhost:8080/v1/upload/;
}

As you see, there aren't anything about authentication on NGINX.

URL for proxy_pass requiere a session valid (provided by Tornado)

This is scheme of the system is the following:

When users log in the system, system create a Tornado (tornado sessions) session in server and in user's Browser, so I need pass authentication to NGINX and continue this authentication process again in Tornado Service.

How I change NginX for authenticate against Tornado?

Thanks in advance

Answer 1

Well, Nginx works as a Proxy, therefore is not necessary make changes in Tornado or in your application. For my application I just add rewrites from NGINX urls towards Tornado urls. So this includes all traffic (auth, etc.) and all HTTP structures like if you were working in Tornado.

server {

        listen   8888; ## listen for ipv4
        server_name  localhost;
        access_log  /var/log/nginx/localhost.access.log;
        client_max_body_size 100000M;
        location / {
                #Real Location URL for Tornado.
                proxy_pass http://localhost:8080/;
        }
}

Key is proxy_pass , where every requests for 8888 port are passed to 8080 port in localhost.

Everything is passed to Tornado BackEnd from Nginx.