Skip to content

Instantly share code, notes, and snippets.

@hilbix
Last active April 24, 2021 05:51
Show Gist options
  • Save hilbix/5921589 to your computer and use it in GitHub Desktop.
Save hilbix/5921589 to your computer and use it in GitHub Desktop.
Example for Cookie-based Access Token with NginX HttpSecureLinkModule http://wiki.nginx.org/HttpSecureLinkModule and PHP (in this case for Typo3). Note that Typo3 needs to set the cookie as shown in token.php
# Excerpt of nginx config file
#..
#
set $ts 0;
if ($cookie_TOKEN ~ ",(.*)$") {
set $ts $1;
}
secure_link $cookie_TOKEN; # See TYPO3_ACCESSTOKEN
set $sec CHANGE_THIS_SHARED_SECRET; # See TYPO3_ACCESSKEY
secure_link_md5 $sec$ts$sec;
if ($secure_link != "1") {
return 403;
}
#
#..
#
fastcgi_param TYPO3_ACCESSTOKEN TOKEN;
fastcgi_param TYPO3_ACCESSKEY CHANGE_THIS_SHARED_SECRET;
fastcgi_param TYPO3_ACCESSTIME 3600;
#
#..
#!/usr/bin/php
<?
$sec = $argv[1]; // $TYPO3_ACCESSKEY
$delta = $argv[2]; // $TYPO3_ACCESSTIME
$ts = time()+$delta;
$str = "$sec$ts$sec";
$hash = str_replace('=','',strtr(base64_encode(md5($str,true)),'+/','-_'));
$cookie = "$hash,$ts"; // header("Set-Cookie: $TYPO3_ACCESSTOKEN=$cookie");
printf("SEC=%s TS=%s COOKIE=%s\n", $sec, $delta, $cookie);
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment