From 679260804eadcea411ae4f12f609c18ba588d204 Mon Sep 17 00:00:00 2001
From: YuryHrytsuk <yuryhrytsuk@gmail.com>
Date: Thu, 24 Jul 2025 16:01:33 +0200
Subject: [PATCH] Traefik: use wb-auth for platform user auth

Since new service for user authentication was introduced. We shall use
it in platform user authentication middleware

* https://github.com/ITISFoundation/osparc-simcore/pull/8130
* https://github.com/ITISFoundation/osparc-ops-environments/pull/1146

* https://github.com/ITISFoundation/osparc-ops-environments/issues/1145
---
 services/traefik/docker-compose.yml.j2 | 2 +-
 services/traefik/template.env          | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/services/traefik/docker-compose.yml.j2 b/services/traefik/docker-compose.yml.j2
index 1137c36e..5e97686a 100644
--- a/services/traefik/docker-compose.yml.j2
+++ b/services/traefik/docker-compose.yml.j2
@@ -131,7 +131,7 @@ services:
         - traefik.http.middlewares.ops_ratelimit.ratelimit.sourcecriterion.ipstrategy.depth=1
         # Platform user auth: Use this middleware to enforce only authenticated users
         # https://doc.traefik.io/traefik/middlewares/http/forwardauth
-        - traefik.http.middlewares.authenticated_platform_user.forwardauth.address=http://${WEBSERVER_HOST}:${WEBSERVER_PORT}/v0/auth:check
+        - traefik.http.middlewares.authenticated_platform_user.forwardauth.address=http://${WB_AUTH_WEBSERVER_HOST}:${WB_AUTH_WEBSERVER_PORT}/v0/auth:check
         - traefik.http.middlewares.authenticated_platform_user.forwardauth.trustForwardHeader=true
         - traefik.http.middlewares.authenticated_platform_user.forwardauth.authResponseHeaders=Set-Cookie,osparc-sc2
         #
diff --git a/services/traefik/template.env b/services/traefik/template.env
index 8fae8c1f..c05daf02 100644
--- a/services/traefik/template.env
+++ b/services/traefik/template.env
@@ -34,8 +34,8 @@ DEPLOYMENT_FQDNS_WWW_CAPTURE_TRAEFIK_RULE='${DEPLOYMENT_FQDNS_WWW_CAPTURE_TRAEFI
 PUBLIC_NETWORK=${PUBLIC_NETWORK}
 MONITORED_NETWORK=${MONITORED_NETWORK}
 
-WEBSERVER_HOST=${WEBSERVER_HOST}
-WEBSERVER_PORT=${WEBSERVER_PORT}
+WB_AUTH_WEBSERVER_HOST=${WB_AUTH_WEBSERVER_HOST}
+WB_AUTH_WEBSERVER_PORT=${WB_AUTH_WEBSERVER_PORT}
 
 TRAEFIK_DOMAINS_REDIRECT_FROM=${TRAEFIK_DOMAINS_REDIRECT_FROM}
 TRAEFIK_DOMAINS_REDIRECT_TO=${TRAEFIK_DOMAINS_REDIRECT_TO}