Hi,
I have the situation where nextcloud is installed on a webserver along with other tools:
- path: /nextcloud The Nextcloud instance
- path: /grafana A grafana instance
- path: /media some other stuff
My goal is to protect the other URLs using the login from Nextcloud.
I built a very small nextcloud-app that:
- changes the cookie path to
/ - provides an GET endpoint checking if the user is authenticated
Then nginx uses auth_request against this new endpoint to authorize every request to the other apps (yes this impairs performance a bit).
If you are interested please have a look: GitHub - yvesf/nextcloud-app-poorsso: *BROKEN* in newer nextcloud version. Hook has been removed. Poor men's SSO using nextcloud login Feedback is welcome.
Iām not experienced with Nextcloud and open for suggestions and especially security hints.
Kind regards, yves