hobbyhimmel/Project-Image-Uploader
8
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(nginx): Remove Basic Auth from /api/admin routes

Browse Source 
The /moderation page is already password-protected, so API routes
called from that page don't need additional authentication.
This fixes 'Unexpected token <' error in deletion log display.
This commit is contained in:
Matthias Lotz 2025-11-08 14:25:57 +01:00
parent b03cd20b40
commit 0a43fe95ea
2 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docker/dev/frontend/nginx.conf
View File

@ -55,11 +55,8 @@ server {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
} }
# Protected API - Admin API routes (password protected) # Admin API routes (NO password protection - protected by /moderation page access)
location /api/admin { location /api/admin {
auth_basic "Restricted Area - Admin API";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://backend-dev:5000/api/admin; proxy_pass http://backend-dev:5000/api/admin;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;

5
docker/prod/frontend/nginx.conf
View File

@ -89,11 +89,8 @@ http {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
} }
# Protected API - Admin API routes (password protected) # Admin API routes (NO password protection - protected by /moderation page access)
location /api/admin { location /api/admin {
auth_basic "Restricted Area - Admin API";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://image-uploader-backend:5000/api/admin; proxy_pass http://image-uploader-backend:5000/api/admin;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;