【1】下载
https://code.google.com/p/mod-auth-token/
【2】编译
rm -f configure
autoreconf -fi
automake -f
./configure
make
【3】配置httpd.conf
是否添加
LoadModule auth_token_module modules/mod_auth_token.so
【4】配置httpd-vhosts.conf
假名preview指向mnt。
Alias /preview "/mnt"
<Location /preview/>
AuthTokenSecret "s3cr3tstr1ng"
AuthTokenPrefix /preview/
AuthTokenTimeout 3600
AuthTokenLimitByIp on
</Location>
【5】编码
传入系统文件的path,返回http协议的防盗链path
public static function get_auth_token_URI($sRelPath)
{
$secret = "s3cr3tstr1ng"; // Same as AuthTokenSecret
$protectedPath = "/preview/"; // Same as AuthTokenPrefix
$ipLimitation = true; // Same as AuthTokenLimitByIp
$hexTime = dechex(time()); // Time in Hexadecimal
// /mnt/volume1/2015/12/2/18/3/24637b61-a010-49cc-8c2d-6a0005abf2e5
$fileName = substr($sRelPath, 4); // The file to access
// Let's generate the token depending if we set AuthTokenLimitByIp
if ($ipLimitation)
{
$token = md5($secret . $fileName . $hexTime . $_SERVER['REMOTE_ADDR']);
}
else
{
$token = md5($secret . $fileName. $hexTime);
}
// We build the url
$httpOrigin = null;
if(isset($_SERVER['HTTP_ORIGIN'] ))
$httpOrigin = $_SERVER['HTTP_ORIGIN'];
else
$httpOrigin = 'http://' . $_SERVER['HTTP_HOST'];
$url = $httpOrigin . $protectedPath . $token. "/" . $hexTime . $fileName;
return $url;
}