LETS MAKE HTTP AUTH GREAT AGAIN

jacobemerick · May 28, 2016 · 1f179ab · 1f179ab
1 parent 6f138ac
commit 1f179ab
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/bootstrap.php b/bootstrap.php
@@ -39,6 +39,11 @@
 $talus->addMiddleware(function ($req, $res, $next) use ($auth) {
     $authHeader = base64_encode("{$auth->username}:{$auth->password}");
     $authHeader = "Basic {$authHeader}";
+
+    if ($_SERVER['REDIRECT_X_HTTP_AUTHORIZATION']) {
+        $req = $req->withHeader('Authorization', $_SERVER['REDIRECT_X_HTTP_AUTHORIZATION']);
+    }
+
     if ($authHeader != current($req->getHeader('Authorization'))) {
         $res = $res->withStatus(403);
         return $res;

diff --git a/public/.htaccess b/public/.htaccess
@@ -1,6 +1,5 @@
-RewriteEngine On
-RewriteRule ^$ index.php [QSA]
-RewriteCond %{REQUEST_FILENAME} !-d
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)$ index.php/$1 [QSA,L]
+RewriteEngine on
 
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteRule ^(.*)$ index.php [E=X-HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]