Added support for reading auth header from env variable (#1746)

* Added support for reading auth header from env variable

* Check if variable is set, more accurate error description

* Formatting

Co-authored-by: Bernd Bestel <bernd@berrnd.de>

config-dist.php

@@ -76,6 +76,8 @@ Setting('AUTH_CLASS', 'Grocy\Middleware\DefaultAuthMiddleware');
 // When using ReverseProxyAuthMiddleware,
 // the name of the HTTP header which your reverse proxy uses to pass the username (on successful authentication)
 Setting('REVERSE_PROXY_AUTH_HEADER', 'REMOTE_USER');
+// When using ReverseProxyAuthMiddleware, set to true if the username is passed as environment variable
+Setting('REVERSE_PROXY_AUTH_USE_ENV', false);
 
 // LDAP options when using LdapAuthMiddleware
 Setting('LDAP_ADDRESS', ''); // Example value "ldap://vm-dc2019.local.berrnd.net"

middleware/ReverseProxyAuthMiddleware.php

@@ -22,6 +22,23 @@ class ReverseProxyAuthMiddleware extends AuthMiddleware
 			return $user;
 		}
 
+		if (GROCY_REVERSE_PROXY_AUTH_USE_ENV)
+		{
+			if (!isset($_SERVER[GROCY_REVERSE_PROXY_AUTH_HEADER]))
+			{
+				// Variable is not set
+				throw new \Exception('ReverseProxyAuthMiddleware: ' . GROCY_REVERSE_PROXY_AUTH_HEADER . ' env variable is missing (could not be found in $_SERVER array)');
+			}
+
+			$username = $_SERVER[GROCY_REVERSE_PROXY_AUTH_HEADER];
+			if (strlen($username) === 0)
+			{
+				// Variable is empty
+				throw new \Exception('ReverseProxyAuthMiddleware: ' . GROCY_REVERSE_PROXY_AUTH_HEADER . ' env variable is invalid');
+			}
+		}
+		else
+		{
 			$username = $request->getHeader(GROCY_REVERSE_PROXY_AUTH_HEADER);
 			if (count($username) !== 1)
 			{
@@ -29,6 +46,7 @@ class ReverseProxyAuthMiddleware extends AuthMiddleware
 				throw new \Exception('ReverseProxyAuthMiddleware: ' . GROCY_REVERSE_PROXY_AUTH_HEADER . ' header is missing or invalid');
 			}
 			$username = $username[0];
+		}
 
 		$user = $db->users()->where('username', $username)->fetch();
 		if ($user == null)