Skip to content
Safe way to public insecure web applications.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


lua-resty-access - Web application access management module based on passwordless authentication for OpenResty.

Live Demo on


$ opm get supereldar/lua-resty-access

Requirements and Quick Start example

Your nginx configuration should look like this

http {
#REQUIREMENT: module require temporary storage, please setup luarestyaccess dictionary.
  lua_shared_dict luarestyaccess 10m;
    server {
    listen 80;
    servername domain.local;
      location / {
#REQUIREMENT: resolver and ca certificate directives are needed for external communication.
        lua_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
#REQUIREMENT: Call method Protect of resty.access object using access_by_lua* directive to activate access restriction.
        access_by_lua_block {
          local access = require'resty.access'
          local site = access:new()
          #Add users one by one who can access this location. To pass authentication provide "username".
          site:permitUser({username="john", email="john@snow.winter"})
          #You can also permit a single email.
          site:permitEmail({email = "john@snow.winter"})
          #Or you can permit the whole domain. "*" - works as wildcard here.
          site:permitEmail({email = "*@snow.winter"})
          #Launch module
       proxy_pass http://domain2.local;

Optional configuration

If you want to change access time and persistence or cookie name prefix you can use sessionConfig method.

site:sessionConfig({cookie_prefix = "luarestyaccess_", access_persistent = false , access_time = 3600})

If you want to process emails through your own smtp server you can use emailConfig method.

  mode = "smtp", 
  host= "", 
  port = 587, 
  tls = true,
  username = "",
  password = "qwerty123"  
You can’t perform that action at this time.