Creates a new RubyAccessHandler instance for the Apache web server. The argument secret is the shared secret string that the application uses to create valid URLs (tokens).

    # File lib/apache/secure_download.rb, line 42
    def initialize(secret, options = {})
      @secret, @deny, @allow = secret, *options.values_at(:deny, :allow)

      raise ArgumentError, 'secret is missing' unless @secret.is_a?(String)
      raise ArgumentError, ':deny is not a regexp' unless @deny.nil? || @deny.is_a?(Regexp)
      raise ArgumentError, ':allow is not a regexp' unless @allow.nil? || @allow.is_a?(Regexp)
    end

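Checks whether the current request satisfies the following requirements:

1. The expiration time lies in the future (i.e., not expired)
2. The token is valid for the requested URL and the given timestamp

If either condition doesn't hold true, access to the requested resource is denied!

The :deny and :allow patterns are evaluated before these checks: a URI matching :deny is always refused, and a URI matching :allow is served without a valid token.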

    # File lib/apache/secure_download.rb, line 57
    def check_access(request)
      timestamp, token = Util.split(request.param(Util::TOKEN_KEY) || '')

      # Remove timestamp and token from query args
      request.args &&= Util.real_query(request.args)

      return FORBIDDEN if @deny && request.uri =~ @deny
      return OK if @allow && request.uri =~ @allow

      return FORBIDDEN if timestamp < Time.now.to_i ||
        token != Util.token(@secret, request.unparsed_uri, timestamp)

      return OK
    end
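
A stand-alone model of the decision order in check_access, added here as an example and not taken from the gem; it compares tokens in constant time where the method above uses !=. Util.token and Util.split are not shown on this page, so the HMAC-SHA256 token, the "expiry:token" parameter layout and every demo_* name and sample value are assumptions.

```ruby
require 'openssl'

# Hypothetical stand-in for Util.token: HMAC-SHA256 over "path|expiry", hex encoded.
def demo_token(secret, path, expires)
  OpenSSL::HMAC.hexdigest('SHA256', secret, "#{path}|#{expires}")
end

# Compares two strings without stopping at the first differing byte,
# so response time does not reveal how much of a guessed token matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize

  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Same order as check_access: deny, then allow, then expiry and token.
# param uses an assumed "expiry:token" layout.
def demo_check(secret, path, param, now: Time.now.to_i, deny: nil, allow: nil)
  return :forbidden if deny && path =~ deny
  return :ok if allow && path =~ allow # no token needed on this branch

  expires, token = param.to_s.split(':', 2)
  # Malformed or missing values are refused instead of raising.
  return :forbidden unless expires.to_s.match?(/\A\d+\z/) && token
  return :forbidden if expires.to_i < now

  secure_equal?(token, demo_token(secret, path, expires.to_i)) ? :ok : :forbidden
end

# Constructed sample values for the demonstration.
SECRET = 'constructed-demo-secret'
NOW    = 1_700_000_000
PATH   = '/files/report.pdf'
VALID  = "#{NOW + 60}:#{demo_token(SECRET, PATH, NOW + 60)}"

if __FILE__ == $PROGRAM_NAME
  puts demo_check(SECRET, PATH, VALID, now: NOW)           # valid link
  puts demo_check(SECRET, PATH, VALID, now: NOW + 61)      # expired link
  puts demo_check(SECRET, '/files/other.pdf', VALID, now: NOW) # token bound to another path
end
```

Because the expiry is part of the signed data, extending the timestamp in a captured link invalidates its token.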