class Apache::SecureDownload



Public Class Methods

new(secret, options = {}) click to toggle source

Creates a new RubyAccessHandler instance for the Apache web server. The argument secret is the shared secret string that the application uses to create valid URLs (tokens).

# File lib/apache/secure_download.rb, line 42
def initialize(secret, options = {})
  @secret, @deny, @allow = secret, *options.values_at(:deny, :allow)

  raise ArgumentError, 'secret is missing'      unless @secret.is_a?(String)
  raise ArgumentError, ':deny is not a regexp'  unless @deny.nil?  || @deny.is_a?(Regexp)
  raise ArgumentError, ':allow is not a regexp' unless @allow.nil? || @allow.is_a?(Regexp)

Public Instance Methods

check_access(request) click to toggle source

Checks whether the current request satisfies the following requirements:

  1. The expiration time lies in the future (i.e., not expired)

  2. The token is valid for the requested URL and the given timestamp

If either condition doesn't hold true, access to the requested resource is denied!

# File lib/apache/secure_download.rb, line 57
def check_access(request)
  timestamp, token = Util.split(request.param(Util::TOKEN_KEY) || '')

  # Remove timestamp and token from query args
  request.args &&= Util.real_query(request.args)

  return FORBIDDEN if @deny  && request.uri =~ @deny
  return OK        if @allow && request.uri =~ @allow

  return FORBIDDEN if timestamp < ||
    token != Util.token(@secret, request.unparsed_uri, timestamp)
  return OK