我正在使用
Flask
在 Ubuntu
上部署我的 Nginx
应用程序,我还安装了 letsencrypt 服务,这样我就可以将 https 与 google oauth api 一起使用,我还添加了我的 callback uri 的 IP 和域在我的谷歌控制台内的授权重定向URI中。
我的问题是,如果我想使用 google oauth 登录,我会被重定向到 http://127.0.0.1:5445/login/google/authorized?state= 并收到此错误:
This site can’t be reached
我在 google 将我重定向到我的网站后收到此错误,但我不知道为什么它会将我重定向到此 IP 地址,我将其重定向到我的 nginx 配置中的原始网站,如您在此处看到的那样
proxy_redirect http://127.0.0.1:5445/login/google/authorized https://www.website.com/login/google/authorized;
app.conf:
server {
listen 80;
server_name website.com www.website.com *.website.com;
location / {
proxy_pass http://127.0.0.1:5445/;
proxy_redirect http://127.0.0.1:5445/login/google/authorized https://www.website.com/login/google/authorized;
#include uwsgi_params;
#uwsgi_pass unix:/home/userp/website.com/website.com.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
#ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM$
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
应用程序服务:
description "uWSGI server instance configured to serve website.com"
start on runlevel [2345]
stop on runlevel [!2345]
setuid userp
setgid www-data
env PATH=/home/userp/website.com/venv/bin
chdir /home/userp/website.com
exec uwsgi --socket 0.0.0.0:5445 --protocol=https -w manage:app
使用 ls -lah 检查权限级别,可以吗?