From 1f6874cf0dc1d13aec3ce8b8a08250f036a6d1cb Mon Sep 17 00:00:00 2001 From: Phuong Dinh Date: Tue, 20 Oct 2020 15:28:07 -0400 Subject: [PATCH 1/2] Add simple auth --- app/controllers/items_controller.rb | 13 +++++++++++++ app/views/items/show.html.erb | 2 +- config/environments/development.rb | 2 +- config/routes.rb | 6 +++++- docker-compose.yml | 2 ++ nginx/nginx.conf.template | 2 +- 6 files changed, 23 insertions(+), 4 deletions(-) diff --git a/app/controllers/items_controller.rb b/app/controllers/items_controller.rb index 398131d..719a2ce 100644 --- a/app/controllers/items_controller.rb +++ b/app/controllers/items_controller.rb @@ -15,6 +15,8 @@ def index # GET /items/1 # GET /items/1.json def show + session[:token] ||= SecureRandom.hex(16) + Rails.cache.write(session[:token], @item.streams.values, expires_in: 1.hours) end # GET /items/new @@ -66,6 +68,17 @@ def destroy end end + # GET /items/auth + def authorize + authorized_streams = Rails.cache.read(params[:token]) + + if params[:name] and not authorized_streams.any? { |valid| valid.index(params[:name]).present? } + return head :forbidden + else + return head :ok + end + end + private # Use callbacks to share common setup or constraints between actions. def set_item diff --git a/app/views/items/show.html.erb b/app/views/items/show.html.erb index 40c0347..2459d74 100644 --- a/app/views/items/show.html.erb +++ b/app/views/items/show.html.erb @@ -23,7 +23,7 @@ preload="auto" > <% @item.streams.each do |stream| %> - " type="application/x-mpegURL" label="<%= stream["label"] %>"/> + ?token=<%= session[:token] %>" type="application/x-mpegURL" label="<%= stream["label"] %>"/> <% end %>
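Review bot: In `show`, the stream list is written under the bare token as the cache key, and `authorize` later reads `Rails.cache.read(params[:token])`, so an unauthenticated caller chooses which cache key is read. Prefix the key on both sides, e.g. `Rails.cache.write("stream_auth:#{session[:token]}", ...)` and `Rails.cache.read("stream_auth:#{params[:token]}")`, so only entries written for this purpose can be reached. The hunk in PATCH 2/2 that rewrites this call has the same issue. Because `session[:token] ||=` reuses one token and each `show` overwrites the entry, a player still open on a previously viewed item loses authorization. If that is intended, a comment should say so.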
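Review bot: The new `authorize` action fails open: when `params[:name]` is absent, the `if` is false and it returns `head :ok` whatever the token is. When the token is missing, unknown or expired, `Rails.cache.read` returns nil and `authorized_streams.any?` raises instead of answering 403. The check should deny unless both token and name are present and treat a cache miss as an empty list. If nameless requests are meant to pass, that should be an explicit, commented case. `valid.index(params[:name])` is a substring test, so any fragment of an authorized URL matches. It should become an exact comparison once the format of `name` sent by the nginx `/auth` location (not visible here) is known. PATCH 2/2 also exempts this action from `require_login`, which makes these gaps reachable without a session.

```ruby
  # GET /items/auth
  def authorize
    token = params[:token].to_s
    name  = params[:name].to_s
    # Deny unless both values are present; a missing name must not authorize.
    return head :forbidden if token.empty? || name.empty?

    # A cache miss (unknown or expired token) yields nil, treated as no streams.
    authorized_streams = Array(Rails.cache.read(token))
    # NOTE(review): still a substring match; tighten to an exact comparison.
    if authorized_streams.any? { |url| url.to_s.include?(name) }
      head :ok
    else
      head :forbidden
    end
  end
```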
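Review bot: The changed source line in `show.html.erb` puts the session-bound token in the stream URL as `?token=<%= session[:token] %>`, so it will appear wherever URLs are recorded, such as proxy and access logs or browser history. The token is created once per session with `||=` and its cache entry is renewed on every `show`, so a leaked URL stays usable for as long as the user keeps browsing. Consider issuing a fresh token per page view with a short expiry, and keeping the query string out of the streaming server's access log. The markup around this line appears partly stripped on this page, so the full tag could not be checked.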

diff --git a/config/environments/development.rb b/config/environments/development.rb index 1311e3e..a6b4ca5 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -24,7 +24,7 @@ else config.action_controller.perform_caching = false - config.cache_store = :null_store + config.cache_store = :memory_store end # Store uploaded files on the local file system (see config/storage.yml for options) diff --git a/config/routes.rb b/config/routes.rb index 1e3e2d9..c37c7c6 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1,5 +1,9 @@ Rails.application.routes.draw do - resources :items + resources :items do + collection do + get :authorize + end + end devise_for :users root to: "items#index" # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html diff --git a/docker-compose.yml b/docker-compose.yml index a37f9b3..4a793c0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,6 +17,8 @@ services: - "3000:3000" depends_on: - db + stdin_open: true + tty: true streaming: build: ./nginx volumes: diff --git a/nginx/nginx.conf.template b/nginx/nginx.conf.template index 5043461..b861c88 100644 --- a/nginx/nginx.conf.template +++ b/nginx/nginx.conf.template @@ -38,7 +38,7 @@ http { sub_filter_once off; sub_filter '.ts' ".ts?token=$token"; - # auth_request /auth; + auth_request /auth; add_header Access-Control-Allow-Headers '*'; add_header Access-Control-Expose-Headers 'Server,range,Content-Length,Content-Range'; add_header Access-Control-Allow-Methods 'GET, HEAD, OPTIONS'; From c23964116ff4d5cbd6eaf1f709bfd25d9219f604 Mon Sep 17 00:00:00 2001 From: Phuong Dinh Date: Wed, 21 Oct 2020 10:53:34 -0400 Subject: [PATCH 2/2] Use new stream format --- app/controllers/items_controller.rb | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/app/controllers/items_controller.rb b/app/controllers/items_controller.rb index 719a2ce..1a9b5ef 100644 
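Review bot: The switch to `:memory_store` in `development.rb` is needed for stream authorization but nothing says so, and only the development environment is changed in this patch. `:memory_store` is per-process, so `authorize` only finds a token if it runs in the same process that served `show`. Other environments need a store shared by all app processes, which is not visible here. Proposed comment above the line: `# Stream auth tokens are kept in Rails.cache (ItemsController#show / #authorize); :null_store would reject every stream request.` The surrounding `if`/`else` starts outside the hunk.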
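Review bot: With `auth_request /auth;` enabled in `nginx.conf.template`, denied requests now return 401/403 from this location, but the `add_header` CORS lines below it lack `always`, and nginx omits such headers on error responses. A browser-based player on another origin would then see a CORS failure rather than the 403. If that matters, write `add_header Access-Control-Allow-Headers '*' always;` and do the same for the other CORS headers. The `/auth` location and the definition of `$token` are outside the hunk. Confirm that the location forwards both the token and the stream name, because the Rails action only checks the name when one is supplied.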
--- a/app/controllers/items_controller.rb +++ b/app/controllers/items_controller.rb @@ -1,6 +1,6 @@ class ItemsController < ApplicationController before_action :set_item, only: [:show, :edit, :update, :destroy] - before_action :require_login, except: [:index] + before_action :require_login, except: [:index, :authorize] def require_login redirect_to new_user_session_path unless current_user.present? @@ -16,7 +16,9 @@ def index # GET /items/1.json def show session[:token] ||= SecureRandom.hex(16) - Rails.cache.write(session[:token], @item.streams.values, expires_in: 1.hours) + Rails.cache.write(session[:token], + @item.streams.collect { |s| s["url"] }, + expires_in: 1.hours) end # GET /items/new @@ -68,7 +70,7 @@ def destroy end end - # GET /items/auth + # GET /items/authorize def authorize authorized_streams = Rails.cache.read(params[:token])
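Review bot: Adding `:authorize` to the `require_login` exceptions makes `/items/authorize` a public route that anyone can call directly, not only the nginx `auth_request` subrequest. The cached token is then the only credential, which the code should state. Proposed comment above the line: `# authorize is called by the nginx auth_request subrequest without a Devise session; the stream token is the only credential checked there.` If the deployment allows it, also restrict the route to requests coming from the streaming container. The rest of the controller is outside the hunk.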
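Review bot: In the rewritten `Rails.cache.write` call, `@item.streams.collect { |s| s["url"] }` stores a nil for any stream without a `"url"` key. `authorize` then calls `valid.index(...)` on each entry, so one nil would raise, and the auth subrequest would fail for the other streams cached under that token. Drop empty entries when building the list: `@item.streams.map { |s| s["url"] }.compact`. The shape of `streams` is not visible here, so this assumes it is a collection of hashes, as the block suggests.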