生成ip和时间有限的下载链接 [英] Generate ip and time limited download link

问题描述

有一个用于下载文件的直接链接。用户可以在付款后下载该链接，如下所示：

there is a direct link for download a file. users can download that link after payout, like this:

http://example.com/download/webapp.rar

但是我需要生成ip和时间有限的下载链接，以防止与其他人混淆文件。我想这样做，而不使用任何数据库。如下所示：

But I need generate ip and time limited download link to prevent leech the file with others. I want to do this without use any databases. something like this :

http://example.com/download.php?a5fds588fgdf

或

http://example.com/download/a5fds588fgdf

有没有提示？

推荐答案

这是一个非常好的nginx模块。

There is a really good nginx module doing this.

URL获取两个参数 - 让我们称之为（安全）和t（时间戳）。安全是从时间戳，路径和盐生成的安全哈希（在您的情况下只需添加ip）。

The URL gets two parameters - Let's call them s (security) and t (timestamp). Security is a secure hash generated from timestamp, path and a salt (in your case just add the ip).

$ip = $_SERVER['REMOTE_ADDR'];
$salt = 'change me cause im not secure';
$path = '/download/webapp.rar';
$timestamp = time() + 3600; // one hour valid
$hash = md5($salt . $ip . $timestamp . $path); // order isn't important at all... just do the same when verifying
$url = "http://mysite.com{$path}?s={$hash}&t={$timestamp}"; // use this as DL url

要验证：

$ip = $_SERVER['REMOTE_ADDR'];
$salt = 'change me cause im not secure';
$path = $_SERVER['REQUEST_URI'];
$hashGiven = $_GET['s'];
$timestamp = $_GET['t'];
$hash = md5($salt . $ip . $timestamp . $path);
if($hashGiven == $hash && $timestamp <= time()) {
    // serve file
} else {
    die('link expired or invalid');
}

现在，您只需要将下载重写为中间的人 -script，你完成了。

Now you just need to rewrite the downloads to this "man in the middle"-script and you are done.

nginx的示例重写：

Example rewrite for nginx:

location /download {
    rewrite ^.*$ /download.php last;
    break;
}

我不太熟悉apache重写，所以你可以自己检查

I'm not really familar with apache rewrites so you may check for this yourself.

如果您使用以下模块之一，则无需自行验证所有这些模块，而且性能更好，但请注意，它可以提供更多的配置和有时候另外一种生成url和hash的方法（见这里的模块文档）。

If you are using one of the following modules you do not need to verify all this yourself and it is much better performance-wise but note that it affords more configuration and sometimes another way to generate the url and hash (see module docs here).

或者你只需​​使用nginx安全链接模块： http://wiki.nginx.org/HttpSecureLinkModule

Or you just use the nginx secure link module: http://wiki.nginx.org/HttpSecureLinkModule

还有一个吊坠轻便： http://redmine.lighttpd.net/wiki/1/Docs:ModSecDownload

或nginx安全下载模块： http：/ /wiki.nginx.org/HttpSecureDownload

Or the nginx secure download module: http://wiki.nginx.org/HttpSecureDownload

也许apache也有东西... Ma你可以在那里做一些改写...

Maybe there is something for apache too... Maybe you could do something with rewrites there...

这篇关于生成ip和时间有限的下载链接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！