Nginx with gunicorn with double authorization

Question

I want to use http auth but also, a reverse proxy using gunicorn.

For http auth I use:

location = admin.html {
 auth_basic 'Login Required'
 auth_basic__use_file etc/nginx/.htpasswd;
}

for gunicorn, proxy reverse I found:

try_files $uri @gunicorn;

How can I combine both ?

Answer 1

Do you mean you want to use nginx as a reverse proxy server for django with additional level of authorization? You simply move your auth_basic and auth_basic_user_file directives from location block to server block:

upstream gunicorn_server {
    server unix:</path/to/socket/pseudo/file>;
}

server {
    listen ...;
    server_name ...;
    auth_basic "Login Required";
    auth_basic_user_file etc/nginx/.htpasswd;
    ... # other parameters
    location / {
        try_files $uri @gunicorn;
    }
    location @gunicorn {
        proxy_pass http://gunicorn_server;
    }
}

Update

Assuming there is an "admin" area which includes both /admin.html and /admin/any/other/uri to additionaly protect this area with HTTP Basic Auth you can use following configuration:

upstream gunicorn_server {
    server unix:</path/to/socket/pseudo/file>;
}

server {
    listen ...;
    server_name ...;
    ... # other parameters
    location / {
        try_files $uri @gunicorn;
    }
    location /admin {
        auth_basic "Login Required";
        auth_basic_user_file etc/nginx/.htpasswd;
        try_files $uri @gunicorn;
    }
    location @gunicorn {
        proxy_pass http://gunicorn_server;
    }
}

To protect a single file admin.html replace location /admin { with location = /admin.html {.