Examples
From Get docs
Nginx/docs/latest/njs/examples
Examples
- Hello World
- HTTP Аuthorization
- Creating HS JWT
- Creating secure_link Hash
- Getting Arbitrary Field from JWT as nginx Variable
- HTTP Proxying
- Accessing API from a Subrequest
- Returning Fastest Response from Proxy
- Subrequests Chaining
- Miscellaneous
- Internal Redirect
- Logging the Number of Requests Per Client
The examples work since 0.4.0.
Hello World
nginx.conf
:
events {}
http {
js_import http.js;
server {
listen 8000;
location / {
js_content http.hello;
}
}
}
http.js
:
function hello(r) {
r.return(200, "Hello world!");
}
export default {hello};
HTTP Аuthorization
Creating HS JWT
nginx.conf
:
js_import http.js;
js_set $jwt http.jwt;
http.js
:
function generate_hs256_jwt(claims, key, valid) {
var header = { typ: "JWT", alg: "HS256" };
var claims = Object.assign(claims, {exp: Math.floor(Date.now()/1000) + valid});
var s = [header, claims].map(JSON.stringify)
.map(v=>v.toString('base64url'))
.join('.');
var h = require('crypto').createHmac('sha256', key);
return s + '.' + h.update(s).digest('base64url');
}
function jwt(r) {
var claims = {
iss: "nginx",
sub: "alice",
foo: 123,
bar: "qq",
zyx: false
};
return generate_hs256_jwt(claims, 'foo', 600);
}
export default {jwt};
Creating secure_link Hash
nginx.conf
:
js_import http.js;
js_set $new_foo http.create_secure_link;
...
location / {
secure_link $cookie_foo;
secure_link_md5 "$uri mykey";
...
}
location @login {
add_header Set-Cookie "foo=$new_foo; Max-Age=60";
return 302 /;
}
http.js
:
function create_secure_link(r) {
return require('crypto').createHash('md5')
.update(r.uri).update(" mykey")
.digest('base64url');
}
export default {create_secure_link};
Getting Arbitrary Field from JWT as nginx Variable
nginx.conf
:
js_import http.js;
js_set $jwt_payload_sub main.jwt_payload_sub;
server {
...
location /jwt {
return 200 $jwt_payload_sub;
}
}
http.js
:
function jwt(data) {
var parts = data.split('.').slice(0,2)
.map(v=>Buffer.from(v, 'base64url').toString())
.map(JSON.parse);
return { headers:parts[0], payload: parts[1] };
}
function jwt_payload_sub(r) {
return jwt(r.headersIn.Authorization.slice(7)).payload.sub;
}
export default {jwt_payload_sub}
HTTP Proxying
Accessing API from a Subrequest
nginx.conf
:
js_import http.js;
keyval_zone zone=foo:10m;
...
location /keyval {
js_content http.set_keyval;
}
location /version {
js_content http.version;
}
location /api {
api write=on;
}
http.js
:
function set_keyval(r) {
r.subrequest('/api/5/http/keyvals/foo',
{ method: 'POST',
body: JSON.stringify({ foo: 789, bar: "ss dd 00" })},
function(res) {
if (res.status >= 300) {
r.return(res.status, res.responseBody);
return;
}
r.return(500);
});
}
function version(r) {
r.subrequest('/api/5/nginx', { method: 'GET' }, function(res) {
if (res.status != 200) {
r.return(res.status);
return;
}
var json = JSON.parse(res.responseBody);
r.return(200, json.version);
});
}
export default {set_keyval, version};
Returning Fastest Response from Proxy
nginx.conf
:
js_import http.js;
location /start {
js_content http.content;
}
location /foo {
proxy_pass http://backend1;
}
location /bar {
proxy_pass http://backend2;
}
http.js
:
function content(r) {
var n = 0;
function done(res) {
if (n++ == 0) {
r.return(res.status, res.responseBody);
}
}
r.subrequest('/foo', r.variables.args, done);
r.subrequest('/bar', r.variables.args, done);
}
export default {content};
Subrequests Chaining
nginx.conf
:
js_import http.js;
location /start {
js_content http.content;
}
location /auth {
proxy_pass http://auth_backend;
}
location /backend {
proxy_pass http://backend;
}
http.js
:
function content(r) {
r.subrequest('/auth')
.then(reply => JSON.parse(reply.responseBody))
.then(response => {
if (!response['token']) {
throw new Error("token is not available");
}
return reply['token'];
})
.then(token => {
r.subrequest('/backend', `token=${token}`)
.then(reply => r.return(reply.status, reply.responseBody));
})
.catch(_ => r.return(500));
}
export default {content};
Miscellaneous
Internal Redirect
nginx.conf
:
js_import http.js;
location /redirect {
js_content http.redirect;
}
location @named {
return 200 named;
}
http.js
:
function redirect(r) {
r.internalRedirect('@named');
}
export default {redirect};
Logging the Number of Requests Per Client
nginx.conf
:
js_import http.js;
js_set $num_requests http.num_requests;
keyval_zone zone=foo:10m;
keyval $remote_addr $foo zone=foo;
log_format bar '$remote_addr [$time_local] $num_requests';
access_log logs/access.log bar;
server {
listen 8000;
location / {
root html;
}
}
http.js
:
function num_requests(r)
{
var n = r.variables.foo;
n = n ? Number(n) + 1 : 1;
r.variables.foo = n;
return n;
}
export default {num_requests};
The keyval and keyval_zone directives are available as part of our commercial subscription.
© 2002-2021 Igor Sysoev
© 2011-2021 Nginx, Inc.
Licensed under the BSD License.
https://nginx.org/en/docs/njs/examples.html