What is the simplest way to restrict access to a static website using social auth

I ended up using oauth2_proxy which is exactly what I was looking for.

I configured to do the following:

  • oauth2_proxy listens on 0.0.0.0:443
  • When a user connects, the Google sign-in flow is initiated
  • After sign-in, it validates the user's email address against a whitelist
  • After successful validation, oauth2_proxy proxies the request to an upstream nginx server listening on 127.0.0.1:8080

Tags:

Authorization

Access Control

Social Authentication

Recent Posts