I have a rails app deployed on heroku and I would like to use nginx reverse proxy to access it on a subdirectory. Almost everything is working except for the devise login/signup & this is only an issue when accessing through the proxy.
My rails app for example can be logged into directly at the heroku url https://myapp.herokuapp.com/subdir
What I want is to be able to login on my custom domain https://example.com/subdir
here is my nginx config where I'm able to load the rails app, but not able to authenticate.
location /subdir/ {
proxy_set_header Host myapp.herokuapp.com;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-NginX-Proxy true;
proxy_ssl_server_name on;
proxy_pass https://myapp.herokuapp.com/subdir/;
}
I've tried many variations with & without the above proxy headers, everything still works with just the Host & proxy_pass.
On the server logs when attempting sign in I see that sign in was successful (also I'm able to create an account and it populates in the database) however I am not redirected to the authenticated path, instead I'm placed back on the /sign_up path because I'm not authenticated
I see the below errors in the server logs
Completed 401 Unauthorized
HTTP Origin header (https://example.com) didn't match request.base_url (https://myapp.herokuapp.com)
This origin header seems to be the issue but I'm not able to find a solution. I feel like this is potentially a one line config change in nginx?
