Mimic nginx header config for Traefik in front of AWX

I'm trying to use Traefik 2.0 as a reverse proxy in front of awx.
Here is the labels section of my docker-compose.yml:

      traefik.enable: true
      traefik.docker.network: "proxy"
      traefik.http.routers.ansible-awx.entrypoints: "http"
      traefik.http.routers.ansible-awx.rule: "Host(`hostname`)"
      traefik.http.middlewares.ansible-awx-https-redirect.redirectscheme.scheme: "https"
      traefik.http.routers.ansible-awx.middlewares: "ansible-awx-https-redirect"
      traefik.http.middlewares.awx-auth.basicauth.realm: "Ansible AWX"
      traefik.http.middlewares.awx-auth.basicauth.usersfile: "/awx.htpasswd"
      traefik.http.routers.ansible-awx-secure.entrypoints: "https"
      traefik.http.routers.ansible-awx-secure.rule: "Host(`hostname`)"
      traefik.http.routers.ansible-awx-secure.middlewares: "awx-auth"
      traefik.http.services.ansible-awx.loadbalancer.server.port: "8052"
      traefik.http.routers.ansible-awx-secure.tls: true
      traefik.http.routers.ansible-awx-secure.tls.certresolver: "http"

The config does work so far: The letsencrypt cert was deployed successfully and the login form of the service is reachable at the given url.
When I try to log in, I get this error on the JS console:

Error: "[$http:badreq] Http request configuration url must be a string or a $sce trusted object.  Received: undefined

If I access the service directly over http the login works.
I found these configuration options in the nginx.conf example provided for AWX:

proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";

My expectation is, that I need to mimic some of these settings in my Traefik configuration to make it work. I don't fully understand the cause, but to me it looks like the callback of AWX fails because on of these headers are not set correctly.

Can someone provide me with a hint on how to adopt the required header configuration for Traefik?

After further investigation, I found out that my assumption regarding the header configuration is wrong and misleading.
After commenting out the line

#traefik.http.routers.ansible-awx-secure.middlewares: "awx-auth"

and therefore disabling the basicauth middleware the login / websocket request worked perfectly fine.

The remaining question is: Is it possible to get websocket requests to work while basicauth is enabled?

I stumbled upon a very interesting project authelia (https://github.com/authelia/authelia) which provides two factor authentication as a Traefik middleware.

This seems like a much better solution for my use case where I tried to add basic authentication to add additional protection for my endpoint.

The installation/setup was relatively easy due to good examples for the project and I'm perfectly happy with it.

Even if this is not really a solution to my initial issue, I'll mark this as a solution because my requirement is solved.