Exposing different server via Elixir Phoenix

I have a server running from a binary at localhost:4100 - but by default access to that is public. At localhost:4100 I also get the UI displayed for searching json documents.

I wish to protect localhost:4100 as authenticated_route.

My approach :

  1. basic auth in Phoenix via mix phx.gen.auth
  2. if authenticated β†’ re route to localhost:4100

Phoenix server on localhost:4000 exposed publicly via ngrok.

Alternatively, I could

  1. Use localhost:4100 as backend β†’ receive json response from it and render UI in liveview – but that’s more tedious, it feels.

Is there a better way to route autenticated traffic to a different port or maybe run two services on same port but different routes?

P.S. at localhost:4100 runs Binary of – > https://www.meilisearch.com/ which provides a nice UI for searching JSON documents.

If I understand correctly - You want Phoenix server to redirect directly to 4100 server post authentication ? (I am assuming re route as redirecting)

Also 4100 server does not have any auth or security ? (I am assuming no auth)

Unless you reverse proxy, it does not secure 4100 server as user can navigate to 4100 server port directly(once he gets to know about its existence and the fact that it has no auth enabled)

What you are looking for is L7 reverse proxy. You can implement that on your own as what it basically does is:

  1. Receive HTTP request from the untrusted source.
  2. Decode the message, do some validations, checks, etc. Whatever you need.
  3. Pass that request to the another service - aka make HTTP request on behalf of the external requester.
  4. Receive the response and potentially do some additional processing.
  5. Pass the response to the external requester.

All of that can be easily done in Elixir. It may not be super performant, but for basic usage it should be enough.

1 Like

If one does not have any additional requirements - needs only auth + reverse proxy - they can use Vouch + Nginx.

It seems Vouch Proxy is what I need.

Thank you @hauleth 's for explanation of L7 proxy and pointing in right direction!

Meilisearch docs has a section - 3.1. Creating a reverse proxy with Nginx

This might be of help to you.

1 Like