Merge pull request #3041 from edx/clintonb/api-no-basic-auth

Disabled basic authentication for the /api paths of ecommerce and programs

Merge pull request #3041 from edx/clintonb/api-no-basic-auth
Disabled basic authentication for the /api paths of ecommerce and programs
b3c74b47 · Clinton Blackburn · 3513b8f3 · 135b9a6a · b3c74b47 · b3c74b47
Commit b3c74b47 authored May 16, 2016 by Clinton Blackburn
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 0 deletions

playbooks/roles/nginx/templates/edx/app/nginx/sites-available/ecommerce.j2
+5 -0

playbooks/roles/nginx/templates/edx/app/nginx/sites-available/programs.j2
+5 -0

No files found.
--- a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/ecommerce.j2
+++ b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/ecommerce.j2
@@ -69,6 +69,11 @@ server {
    try_files $uri @proxy_to_app;
  }
+  # The API should be secured with OAuth 2.0 or or JWT.
+  location /api {
+    try_files $uri @proxy_to_app;
+  }
  {% include "robots.j2" %}
 location @proxy_to_app {

--- a/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/programs.j2
+++ b/playbooks/roles/nginx/templates/edx/app/nginx/sites-available/programs.j2
@@ -85,6 +85,11 @@ server {
    try_files $uri @proxy_to_app;
  }
+  # The API should be secured with OAuth 2.0 or or JWT.
+  location /api {
+    try_files $uri @proxy_to_app;
+  }
  {% include "robots.j2" %}
 location @proxy_to_app {