Hi Maxim,
Thanks for your answer. I'm actually using a proper URI in the auth_request parameter and the PHP script works fine (https://github.com/Arno0x/TwoFactorAuth), my example was dumb.
For the records, here's what I did to make it work exactly as I expect: simply remove the "deny all;" statement.
As a result :
- Any local network IP gets a straight access
- Any other IP has to go through the auth_request
This makes sense to me as a "satisfy any" coupled with a "deny all;" would always match "all" and refuse access.
Not sure why all configuration examples we can find on the web mention the "deny all;" statement, but this fails for me.
By the way, many thanks for all the work done on Nginx !
Cheers,
Arno