1. The problem I’m having:
We are hosting a very basic react project on our caddy server (fresh ubuntu 22.04 on Linode). We are trying to implement a very basic auth check to make sure a user is supposed to be on a page. We do this passing a secure-sign-in UUID in the query string of the URL. This is is mainly to prevent randos from stumbling upon the site, not for actual secure authentication.
We are trying to run regex on the secure-sign-in UUID to make sure it matches the format we send them out in.
However, in the caddyfile examples below, when we don’t implement regex and allow the secure-sign-in UUID to be * the react project loads. BUT… when we actually use regex the site will load but doesn’t actually display anything.
I feel like I have been banging my head against the wall trying to figure this out. I suspect it is a relatively quick fix but I could use some direction/help.
Thank you in advance!!!
2. Error messages and/or full log output:
3. Caddy version:
v2.7.5 h1:HoysvZkLcN2xJExEepaFHK92Qgs7xAiCFydN5x5Hs6Q=
4. How I installed and ran Caddy:
a. System environment:
Ubuntu 22.04 fresh install on Linode
b. Command:
https://www.digitalocean.com/community/tutorials/how-to-host-a-website-with-caddy-on-ubuntu-22-04
c. Service/unit/compose file:
d. My complete Caddy config:
Functional
microsoft.example.com {
@uuid_query_param {
query secure-sign-in=*
}
rewrite @uuid_query_param /index.html
@no_uuid {
not query secure-sign-in=*
}
respond @no_uuid "Unauthorized access" 401
root * /var/www/portals/microsoft/build
file_server
}
Non-Functional
microsoft.example.com {
@uuid {
expression `{http.request.uri.query.secure-sign-in}.matches(r"^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[4][0-9a-fA-F]{3}-[89ABab][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$")`
}
handle @uuid {
rewrite * /index.html
root * /var/www/portals/microsoft/build
encode gzip
file_server
}
handle {
respond "Unauthorized" 404
}
}
}