-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth.dev.lua
executable file
·37 lines (32 loc) · 1.19 KB
/
auth.dev.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
-- 简单的权限验证
-- by Sunmoon
local function forbidden()
ngx.status = ngx.HTTP_UNAUTHORIZED
ngx.header.content_type = "application/json; charset=utf-8"
ngx.say("{\"status\": 401, \"message\": \"Unauthorized\", \"error\": 1}")
return ngx.exit(ngx.HTTP_OK)
end
local function simple_debug(msg)
ngx.say(msg)
return ngx.exit(ngx.HTTP_OK)
end
local upload_user = ngx.req.get_headers()["UPLOAD-SERVER-USER"]
local upload_token = ngx.req.get_headers()["UPLOAD-SERVER-TOKEN"]
local upload_date = ngx.req.get_headers()["UPLOAD-SERVER-DATE"]
local upload_notify_url = ngx.req.get_headers()["UPLOAD-SERVER-NOTIFY-URL"]
local secretkey='k4Ao7KWVbvg3Z2L6KLwN9OoDjQL5SioJffIPoODATxCynuEVEAt0278kg7r9FHiS'
local date = os.date("%Y%m%d%H")
if upload_user == nil or upload_token == nil then
return forbidden()
end
if upload_notify_url == nil then
upload_notify_url = ''
end
if upload_date == nil then
upload_date = date
end
local string = 'uid:' .. tostring(upload_user) .. '&secretkey:' .. tostring(secretkey) .. '&datetime:' .. tostring(upload_date) .. '¬ifyurl:' .. tostring(upload_notify_url)
local token = ngx.md5(string)
if token ~= upload_token then
return forbidden()
end