I have a Kohana 3.3 application, and I have removed /index.php/ from the URI with some rules in an .htaccess file. Everything is working fine, until I come to use Basic Authentication. I can’t access Basic Auth from $_SERVER because the site is served with php-cgi, which is explained here.
The solution in the previous link works, though it adds /index.php/ back into the URI. I can’t seem to manage to add the new rewrite rule without the server throwing a 500.
Here are my current rewrite rules:
<IfModule mod_rewrite.c>
Options +FollowSymlinks
# Options +SymLinksIfOwnerMatch
Options +FollowSymlinks
RewriteEngine On
# RewriteBase /
</IfModule>
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Rewrite all other URLs to index.php/URL
#RewriteRule .* app/index.php/$0 [PT]
RewriteRule ^(.*)$ index.php/$0 [PT,L]
RewriteRule ^$ index.php/$0 [PT,L]
And here’s what I need to add:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^Basic.*
RewriteRule (.*) index.php?Authorization=%{HTTP:Authorization} [QSA,L]
</IfModule>
How can I make this work? And is there a relatively easy way to learn how mod_rewrite works?
Try this code in your DocumentRoot/.htaccess:
DirectoryIndex index.php
Options +FollowSymlinks -MultiViews
RewriteEngine On
RewriteBase /api/
# Protect application and system files from being viewed
RewriteRule ^(?:application|modules|system)\b /index.php/$0 [L]
# Allow any files or directories that exist to be displayed directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$0 [L]
RewriteCond %{HTTP:Authorization} ^Basic.*
RewriteRule ^ index.php?Authorization=%{HTTP:Authorization} [L]