Ok, this almost seems to be the answer:
server {
listen 80;
if ($request_uri = "/") {
return 302 /?session=$remote_user;
}
location / {
auth_basic "Password Required";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://0.0.0.0:8080;
}
}
$request_uri contains both the URI and the arguments. This checks if no session argument is present and does a redirect. Digging into the bundle.js code, it seems the page looks to the window.location variable for the session query string. Since the proxy was only adding the session information on the way from the page to the server, the page still thought it was http://localhost not http://localhost?session=user1. As such, the page was never aware of the session in the original code. A redirect is required because it tells the browser to go to a different URL (one with the session information).
The problem is that it remembers the redirect with an empty remote_user string even after you go through the login. You then need to refresh it by manually going back to http://localhost and it will pick up the login name. The solution? Ain't pretty since nginx doesn't allow boolean concatenation of if conditions.
server {
listen 80;
# see if both conditions exist to trigger a redirect
set $redirect_ready 0;
if ($remote_user != '') { # a user name exists
set $redirect_ready 1;
}
if ($request_uri = "/") { # the base path is given without a session name
set $redirect_ready 1$redirect_ready;
}
if ($redirect_ready = 11) {
return 302 /?session=$remote_user;
}
location / {
auth_basic "Password Required";
auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass http://0.0.0.0:8080;
}
}