Protect an exact path

[roblabla]

I would like the ability to protect an exact path, and not the child directory. The reason is that I'd want to protect the file listing (Served with browse on the / path) but allow access to all subfiles. This is for a download server where the paths should stay private.

Essentially, I'd lime a config similar to:

https://example.com {
  root /srv/http

  jwt {
     path /
     exact_path true
     redirect /login
  }

  login {
    login_path /login
  }

  browse
}

Anyone would be able to access the paths under /, but getting to / (invoking browse) would require a login.

[magikstm]

Did you try:

The allowroot parameter? https://github.com/BTBurke/caddy-jwt#allowing-public-access-to-certain-paths

Or the passthrough parameter? https://github.com/BTBurke/caddy-jwt#allowing-public-access-regardless-of-token

[roblabla]

Unless I misunderstand, allowroot does the exact opposite of what I want. It protects everything except the root. I only want to protect the root.

I’m not sure how passthrough would help.

[BTBurke]

I don't think there is a way to do what you want currently. I don't have the time to work on this since I think it's probably a low priority feature. If someone wants to give it a shot, I'd happily look at a pull-request.

[roblabla]

Caddy2 provides this free of charge with its new matcher functionality! #57