ruby-on-rails – 用于反向代理NGINX的认证/访问控制模块

1. user authentication using credential stored in database (such as postgres)
2. Monitoring the ongoing connection and take action if certain access credential is met. For example,time is expired
3. open source (allow customization) and nginx,ruby(rails) preferable.

似乎OpenResty与nginx可以完成这项工作.这是article在nginx上讨论Lua的访问控制.这是一个示例(nginx和Lua),给我的印象是可以执行访问的文件片段(access_by_lua_file)：

server {
    listen 8080;

    location / {
      auth_basic           "Protected Elasticsearch";
      auth_basic_user_file passwords;

      access_by_lua_file '../authorize.lua';  #<<<=====

      proxy_pass http://elasticsearch;
      proxy_redirect off;
    }

  }

我是反向代理访问控制的新手.任何想法都表示赞赏.