Currently, I'm using auth_request for with memcache to provide super-fast non-blocking authentication. I love it. I noticed, however, I cannot do another memcache query with a different key if the location is being auth_request'd first.
Given the following config for example:
# everything by default must be authenticated
auth_request /_auth;
# authentication
location = /_auth {
auth_request off;
set $memcached_key sso$cookie_uid;
memcached_pass localhost:11211;
error_page 404 =403 /login.html;
default_type application/json;
}
# stats
location = /stats.json {
set $memcached_key mystats;
memc_pass localhost:11211;
default_type application/json;
}
With this configuration, a request to /stats.json will query memcache using the key "sso$cookie_uid" instead of the "mystats" key.
If I turn off auth_request for the /stats.json block, for example:
...
# stats
location = /stats.json {
auth_request off;
set $memcached_key mystats;
memc_pass localhost:11211;
default_type application/json;
}
Then the correct "mystats" key will be used, but then this location is not secure.
I have also tried using Memc add-on and experienced the exact same behavior.
The bottom line is that the "set $memcached_key" is not being evaluated a second time after the auth_request module has performed its part.
Does anyone have an idea of a work-around or thoughts on this approach?
Thanks,
Adam