I have the situation where nextcloud is installed on a webserver along with other tools:
- path: /nextcloud The Nextcloud instance
- path: /grafana A grafana instance
- path: /media some other stuff
My goal is to protect the other URLs using the login from Nextcloud.
I built a very small nextcloud-app that:
- changes the cookie path to
- provides an GET endpoint checking if the user is authenticated
Then nginx uses
auth_request against this new endpoint to authorize every request to the other apps (yes this impairs performance a bit).
If you are interested please have a look: https://github.com/yvesf/nextcloud-app-poorsso Feedback is welcome.
I’m not experienced with Nextcloud and open for suggestions and especially security hints.
Kind regards, yves