Reputation: 51
Mod_rewrite to specific basic auth user subdirectory
For a dev environment My DocumentRoot in apache points to /var/www. This folder contains the following structure:
/var/www/username1/projectname/
/var/www/username2/projectname/
/var/www/username3/projectname/
Using .htaccess/.htpasswd someone needs to login using basic auth. When the user logs in he/she will be moved to /var/www/[hisorherusername]/[projectname]/. Using this technique every developer should be pointed to his/her own code while still using the same subdomain.
For example, when username1 visits projectname.dev.mycompany.com. This user will then be shown the code to /var/www/username1/projectname/.
I want to prevent using dynamic virtual hosts by using a different subdomain for every user. This usually messes up stuff when using CMS's.
I got a long way but gets stuck in using the rewrite rules. This is what I currently have:
AuthType Basic
AuthName "The DEV"
AuthUserFile /var/www/.htpasswd
Require valid-user
RewriteEngine on
RewriteCond %{HTTP_HOST} ^([^\.]+).dev.company.com$
RewriteRule ^(.+)$ /%{REMOTE_USER}/%1/html/$1
This results in an endless stream of internal redirects. When I change the last rewrite rule to ^$ instead of ^(.+)$ it works fine for the root URL, but not for all other URL's. These will be rewritten to /var/www/$1 instead. I tried adding a condition to check if we are not already in /%{REMOTE_USER} but that doesn't seem to solve anything.
I see what is happening, but I don't see a solution. I like to prevent adding another .htaccess rule in the subdirectories, since this should then be merged together with the .htaccess files of the projects themselves.
Upvotes: 0
Views: 1096
Answers (2)
Reputation: 353
Maybe this will be helpful for someone in the future, who needs a similar mod_rewrite condition.
It's true that you cannot use %{REMOTE_USER} in the rewrite conditions CondPattern but you can use both %{REMOTE_USER} and %{REQUEST_URI} in an concatenated TestString and a regex capturing group inside the CondPattern.
RewriteEngine on
RewriteCond %{REMOTE_USER}%{REQUEST_URI} !^([^/]+/)\1
RewriteCond %{HTTP_HOST} ^([^\.]+).dev.company.com$
RewriteRule ^(.+)$ /%{REMOTE_USER}/%1/html/$1
Upvotes: 1
Reputation: 51
I think I finally found it myself. This might help out people in the future. The first step is to create a virtual host to /var/www/. There you store the following .htaccess file:
AuthType Basic
AuthName "Typify DEV"
AuthUserFile /var/www/.htpasswd
Require valid-user
RewriteEngine on
RewriteCond %{REQUEST_URI} !/users/(.+)$
RewriteCond %{HTTP_HOST} ^([^\.]+).dev.company.com$
RewriteRule ^(.*)$ /users/%{REMOTE_USER}/%1/html/$1
Unfortunately you cannot use %{REMOTE_USER} in your rewrite condition comparison. You may only use regular expressions on the right side. So I moved all user directories to a 'users' subdirectory:
/var/www/users/username1/project1
Now I can recognize if it already has been rewritten to that subdirectory. Quite easy solution actually.
Upvotes: 1
Related Questions
- htaccess exclude one url from Basic Auth
- .htaccess - Disable basic auth for specific path
- Add auth to specific file with htaccess
- .htaccess mod-rewrite conflicting with subfolder auth
- Combine basic auth and redirect in .htaccess?
- htaccess rewrite and auth conflict
- How to make Basic Auth exclude a rewritten URL
- Using Basic Authentication (htaccess) to restrict access to a specific URL
- htaccess: Conditional Authentication
- mod_rewrite and HTTP Basic auth