Remove index.php from basic auth request on php-cgi

Question

I have a Kohana 3.3 application, and I have removed /index.php/ from the URI with some rules in an .htaccess file. Everything is working fine, until I come to use Basic Authentication. I can’t access Basic Auth from $_SERVER because the site is served with php-cgi, which is explained here.

The solution in the previous link works, though it adds /index.php/ back into the URI. I can’t seem to manage to add the new rewrite rule without the server throwing a 500.

Here are my current rewrite rules:

<IfModule mod_rewrite.c>
Options +FollowSymlinks
# Options +SymLinksIfOwnerMatch
Options +FollowSymlinks
RewriteEngine On
#  RewriteBase /
</IfModule>

# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]

# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# Rewrite all other URLs to index.php/URL
#RewriteRule .* app/index.php/$0 [PT]
RewriteRule ^(.*)$ index.php/$0 [PT,L]
RewriteRule ^$ index.php/$0 [PT,L]

And here’s what I need to add:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^Basic.*
RewriteRule (.*) index.php?Authorization=%{HTTP:Authorization} [QSA,L]
</IfModule>

How can I make this work? And is there a relatively easy way to learn how mod_rewrite works?

Answer 1

Try this code in your DocumentRoot/.htaccess:

DirectoryIndex index.php
Options +FollowSymlinks -MultiViews
RewriteEngine On
RewriteBase /api/

# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b /index.php/$0 [L]

# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$0 [L]

RewriteCond %{HTTP:Authorization} ^Basic.*
RewriteRule ^ index.php?Authorization=%{HTTP:Authorization} [L]