[Kimchi-devel] [PATCH 5/8] backend: Redirect 401 error to default page

[Aline Manera]

From: Aline Manera <alinefm at br.ibm.com>

When a non-authenticated user tries to access the URL
http://host-ip:port/vnc.html?port=64667&path=?token=<my-vm>&encrypt=1
Kimchi server will return 401 error code before loading the HTML file.

So we need to redirect the 401 error for vnc_auto.html and spice.html
pages to Kimchi default page which will require the user authentication to
proceed.

Also save the current console page to redirect user to properly location
after logging.

Signed-off-by: Aline Manera <alinefm at br.ibm.com>
---
 src/nginx.conf.in |   10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/nginx.conf.in b/src/nginx.conf.in
index c339e56..38e643d 100644
--- a/src/nginx.conf.in
+++ b/src/nginx.conf.in
@@ -55,7 +55,17 @@ http {
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_redirect http://127.0.0.1:$kimchid_port/ https://$host:$proxy_ssl_port/;
+        }
+
+        location ~/(vnc_auto|spice\.html) {
+            proxy_pass http://127.0.0.1:$kimchid_port;
+            proxy_intercept_errors on;
+            error_page 401 @consoleauth;
+        }
 
+        location @consoleauth {
+            add_header Set-Cookie "console_uri=$request_uri";
+            return https://$host:$proxy_ssl_port/;
         }
     }
 
-- 
1.7.10.4