Basic auth multiple users

1. Caddy version (caddy version):

Caddy v2

2. How I run Caddy:

a. System environment:

Docker container

b. Command:

docker-compose up -d

c. Service/unit/compose file:

d. My complete Caddyfile or JSON config:


(AUTH_USERS) {
     basicauth / user1 pass1
     basicauth / user 2 pass2
}

3. The problem I’m having:

I’m trying to protect some services of my server with basic auth in a snippet, but I can’t get it working for more than 1 user. I’ve tried to include the basic auth inside the service code, but does not work either.

4. Error messages and/or full log output:

/caddy# docker exec -w /etc/caddy caddy caddy reload
{“level”:“info”,“ts”:1591689125.9193683,“msg”:“using adjacent Caddyfile”}
reload: adapting config using caddyfile: parsing caddyfile tokens for ‘basicauth’: Caddyfile:21 - Error during parsing: Wrong argument count or unexpected line ending after ‘pass1’

5. What I already tried:

(AUTH_USERS) {
basicauth / user1 pass1
basicauth / user 2 pass2
}

(AUTH_USERS) {
basicauth {
user1 pass1
}
basicauth {
user 2 pass2
}
}

6. Links to relevant resources:

That’s not valid syntax unfortunately. Three things are incorrect.

First, you have a / path matcher, this means it will only match requests to / and not /foo. Path matching in Caddy v2 is exact match. If you omit the / then Caddy assumes * which means “match all requests”.

Second, you can’t have the user/pass pair on the same line, you need to specify them inside of a block, i.e. within braces { }.

Third, you shouldn’t have two basicauth directives because they’ll clash. Instead, you have just the one, but specify multiple users (one per line).

It should look like this:

basicauth {
	Bob <password_hash>
	Cindy <password_hash>
}

Don’t forget that you need to use the caddy hash-password command to hash your passwords before putting them in your config. Run it like this:

$ caddy hash-password --plaintext some.long.password.string
3 Likes

This topic was automatically closed after 30 days. New replies are no longer allowed.