From fa23c11edba63e7b4689b99521cafdc115c3cde3 Mon Sep 17 00:00:00 2001
From: jmformenti <jmformenti@gmail.com>
Date: Sat, 10 Feb 2024 16:24:00 +0100
Subject: [PATCH] feat: define basic auth for virtual path

---
 docs/README.md | 3 +++
 nginx.tmpl     | 5 ++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/docs/README.md b/docs/README.md
index 431fe60..32d432c 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -479,6 +479,9 @@ docker run -d -p 80:80 -p 443:443 \
 
 You'll need apache2-utils on the machine where you plan to create the htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
 
+If you want to define basic authentication for a `VIRTUAL_PATH`, you have to create a file named as /etc/ngingx/htpasswd/${VIRTUAL_HOST}_${VIRTUAL_PATH_SHA1}
+(where $VIRTUAL_PATH_SHA1 is the SHA1 hash for the virtual path, you can use any SHA1 online generator to calculate it).
+
 ### Upstream (Backend) Server HTTP Load Balancing Support
 
 > **Warning**
diff --git a/nginx.tmpl b/nginx.tmpl
index f9fff01..8b8b12e 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -275,7 +275,10 @@
         set $upstream_keepalive {{ if ne $keepalive "disabled" }}true{{ else }}false{{ end }};
         {{- end }}
 
-        {{- if (exists (printf "/etc/nginx/htpasswd/%s" .Host)) }}
+        {{- if (exists (printf "/etc/nginx/htpasswd/%s_%s" .Host (sha1 .Path) )) }}
+        auth_basic "Restricted {{ .Host }}/{{ .Path }}";
+        auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s_%s" .Host (sha1 .Path)) }};
+        {{- else if (exists (printf "/etc/nginx/htpasswd/%s" .Host)) }}
         auth_basic "Restricted {{ .Host }}";
         auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" .Host) }};
         {{- end }}