HTTP Forward Auth Trigger

It can be used as an HTTP forward authentication middleware.

Overview

This node implements an HTTP forward authentication middleware trigger designed to handle user login, logout, session validation, and rate limiting via a Redis backend. It acts as an authentication gateway that can be hosted at a specified URL and integrates with external services by forwarding authenticated requests.

Common scenarios where this node is beneficial include:

  • Protecting web applications or APIs by requiring users to authenticate before accessing resources.
  • Implementing single sign-on (SSO) or centralized authentication for multiple services.
  • Enforcing rate limits on incoming requests to prevent abuse.
  • Customizing login pages and redirect flows after login/logout.

Practical example: Hosting this middleware at https://auth.example.com allows users to log in there, then get redirected to a dashboard at https://example.com/dashboard upon successful login. The middleware validates sessions stored in Redis and forwards authenticated requests to downstream services, optionally blocking excessive requests with a custom error message.


Properties

| Name | Meaning |
| --- | --- |
| Auth URL | The base URL where this authentication middleware will be hosted (e.g., https://auth.e.io or https://e.io/auth). |
| Login Redirect URL | The URL where the user will be redirected after a successful login (e.g., https://e.io/dashboard). |
| Logout Redirect URL | The URL where the user will be redirected after logging out (e.g., https://e.io/login). |
| Enable HTTP | Boolean flag to allow HTTP connections (e.g., http://localhost) instead of HTTPS only. |
| Enable Rate Limit | Boolean flag to enable rate limiting on incoming requests based on client IP addresses. |
| Rate Limit Error Message | Custom error message displayed when the rate limit is exceeded (default: "Too many requests!"). Only applicable if rate limiting is enabled. |
| Login Page Template | HTML template for the login page shown to unauthenticated users. Supports placeholders #LOGIN_URL# for the login form action URL and #ERROR_MESSAGE# for displaying errors. Default template includes styled login form markup. |

Output

The node outputs JSON data representing the incoming HTTP request body merged with the remote IP address if rate limiting is enabled. Specifically:

  • For normal authenticated requests, it outputs an array containing one item with a json property holding all fields from the HTTP request body plus a remoteIp field if rate limiting is active.
  • For other webhook endpoints (login page, logout, session check), it does not output workflow data but instead sends HTTP responses directly.
  • No binary data output is produced by this node.

Dependencies

  • Requires a Redis instance for storing and validating session tokens and managing rate limiting counters.
  • Needs configuration of credentials to connect securely to the Redis service.
  • Relies on an environment that supports HTTP server capabilities to serve login/logout pages and handle redirects.
  • Uses standard HTTP headers and cookies for session management.
  • Requires correctly configured URLs for hosting the middleware and for the redirect targets.

Troubleshooting

  • 403 Forbidden Errors: Occur if the Origin header of incoming requests does not match the configured Auth URL origin. Ensure clients send correct Origin headers and the Auth URL is set properly.
  • 401 Unauthorized Redirects: If session tokens are missing or invalid, users are redirected to the login page. Verify Redis connectivity and session token validity.
  • Rate Limiting Blocks: When enabled, excessive requests from the same IP will receive a 429 response with the configured error message. Adjust rate limit settings or disable if too restrictive.
  • Login Page Not Displaying Correctly: Check that the login page template contains valid HTML and that placeholders #LOGIN_URL# and #ERROR_MESSAGE# are replaced correctly.
  • Redis Connection Issues: A credential test method is provided; use it to verify the Redis connection parameters before running the node.
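
The checks behind the 429, 403 and 401 responses listed above, as an added JavaScript sketch that is not the node's own code. The cookie name `sid`, the limit of 3 requests per 60 seconds, the order of the checks, skipping the Origin check when the header is absent, and the in-memory store standing in for Redis are all assumptions.

```javascript
// Added illustration, not the node's source; see the assumptions marked below.
const config = {
  authUrl: "https://auth.example.com", // Auth URL property
  enableRateLimit: true,               // Enable Rate Limit property
  rateLimitMessage: "Too many requests!",
  maxRequests: 3,                      // assumed limit per window
  windowMs: 60000,                     // assumed window length
};

// Stand-in for Redis: valid session tokens and per-IP counters.
const makeStore = () => ({ sessions: new Set(), counters: new Map() });

// Fixed-window counter keyed by client IP; true while under the limit.
function underLimit(store, ip, now, cfg) {
  const entry = store.counters.get(ip);
  if (!entry || now - entry.start >= cfg.windowMs) {
    store.counters.set(ip, { start: now, count: 1 });
    return true;
  }
  entry.count += 1;
  return entry.count <= cfg.maxRequests;
}

// Read one cookie value from a Cookie header.
function readCookie(header, name) {
  for (const part of (header || "").split(";")) {
    const [key, ...rest] = part.trim().split("=");
    if (key === name) return rest.join("=");
  }
  return null;
}

// Decide the HTTP outcome for one incoming request.
function decide(req, store, cfg, now = Date.now()) {
  if (cfg.enableRateLimit && !underLimit(store, req.ip, now, cfg)) {
    return { status: 429, body: cfg.rateLimitMessage };
  }
  // Assumption: a request that carries no Origin header skips this check.
  const origin = req.headers.origin;
  if (origin !== undefined && origin !== new URL(cfg.authUrl).origin) {
    return { status: 403 };
  }
  const token = readCookie(req.headers.cookie, "sid"); // "sid" is a hypothetical name
  if (!token || !store.sessions.has(token)) {
    return { status: 401, showLogin: true }; // caller redirects to the login page
  }
  const json = cfg.enableRateLimit ? { ...req.body, remoteIp: req.ip } : { ...req.body };
  return { status: 200, json };
}
```

Comparing the Origin header against `new URL(authUrl).origin` ignores any path in the Auth URL, so https://e.io/auth and https://e.io share one origin.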
