Skip to content

Instantly share code, notes, and snippets.

@m1k1o

m1k1o/filerun-traefik-middleware.php

Created March 27, 2020 19:17
Show Gist options
  • Save m1k1o/21a8c8499d32ebaf1f5a01876f6d49dc to your computer and use it in GitHub Desktop.
Save m1k1o/21a8c8499d32ebaf1f5a01876f6d49dc to your computer and use it in GitHub Desktop.
Download ZIP
Use Filerun's session as auth middle in traefik.
Raw
filerun-traefik-middleware.php
<?php
// Stay logged in for 30min
$time_diff = 60 * 30;
// Create login page
$login_page = $_SERVER["HTTP_X_FORWARDED_PROTO"]."://".$_SERVER["HTTP_X_FORWARDED_HOST"].":".$_SERVER["HTTP_X_FORWARDED_PORT"];
$sess = $_COOKIE["FileRunSID"];
if(!preg_match("/^[a-zA-Z0-9]+$/", $sess)) {
header('HTTP/1.0 401 Unauthorized');
header('Location: '.$login_page);
exit;
}
$file = "/tmp/sess_".$sess;
if(!file_exists($file) || !is_readable($file) || 0 === ($data = file_get_contents($file))) {
header('HTTP/1.0 401 Unauthorized');
header('Location: '.$login_page);
exit;
}
$data = explode("|", $data);
$data = array_pop($data);
$data = unserialize($data);
if($time_diff != 0 && $data["last_request"] < time() - $time_diff) {
header('HTTP/1.0 401 Unauthorized');
header('Location: '.$login_page);
exit;
}
header('X-Forwarded-User: '.$data["username"]);
@m1k1o
Copy link
Author

m1k1o commented Mar 27, 2020
edited
Loading

Add this to your filerun HTML directory.

Use in Traefik like this:

    filerun-auth:
      forwardAuth:
        address: "http://filerun/authenticate.php"
        trustForwardHeader: true
        authResponseHeaders: ["X-Forwarded-User"]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment