Tasty Cookies with nginx
In a previous post I talked about the best way to handle putting an application into maintenance mode. In addition to sending the appropriate status code (503) for machines, nginx is configured to serve a helpful page to inform users of the maintenance window. Today, I would like to build on this configuration to make it possible for a few users to test the application while it is in maintenance mode for the rest of the world. There are a few different ways this could be handled, but HTTP cookies are a simple and flexible solution.
Recall these directives which instruct nginx to check for our maintenance page and set the status code to 503:
if (-f $document_root/system/maintenance.html) { return 503; }Let’s modify this with a variable to track state. Now, we can add an additional check for anything we would like to turn $maint off. $http_cookie holds all the cookies for the request:
set $maint off; if (-f $document_root/system/maintenance.html) { set $maint on; } if ($http_cookie ~* "topsekrit" ) { set $maint off; } if ($maint = on) { return 503; }You can now set a cookie with a value of “topsekrit” and nginx will let you circumvent the maintenance page to test your new code before you release it to the world.