NAME
Authen::ModAuthToken - Generates Mod-Auth-Token compatible URLs
VERSION
version 0.03
SYNOPSIS
In your Apache's configuration, define the following:
## (your module's path may vary)
LoadModule auth_token_module /usr/lib/apache2/modules/mod_auth_token.so
Alias "/protected" "/my/protected/directory"
<Location "/protected">
AuthTokenSecret "FlyingMonkeys"
AuthTokenPrefix /protected/
AuthTokenTimeout 14400
</Location>
In a CGI script, use the following:
use Authen::ModAuthToken qw/generate_mod_auth_token/;
## If the file wasn't protected with "mod-auth-token",
## its URL would have been:
## http://my.server.com/protected/myfile.txt
$web_server = "http://my.server.com" ;
$prefix_url = "/protected";
$file_to_protect = "/myfile.txt";
##
## Since the location is protected with mod-auth-token,
## Generate a valid access token:
##
$token = generate_mod_auth_token(
secret => "FlyingMonkeys",
filepath => $file_to_protect ) ;
$url = $web_server . $prefix_url . $token ;
## The protected URL will look like
## http://my.server.com/protected/6c488f69992206a2b5cc9c6a9cc91709/4f0f7b09/myfile.txt
## (actual value will change, as it dependant upon the current time).
##
## Show this URL to the user, to allow him access to this file.
DESCRIPTION
This module does not perform the actual authentication - it merely generates a valid authentication token URL, which will be authenticated by the mod_auth_token module.
FUNCTIONS
generate_mod_auth_token ( sercet => $secret, filepath => $path, [ remote_addr => $remote_addr ])
-
Generates an authentication token, based on given parameters and current time.
Parameters:
secret
- The secret key, will be used to calculate the MD5 hash. Must match the key in your apache's configuration.filepath
- The relative URL of the file you want to publish. The path must begin with a slash (/
) .remote_addr
- (optional) - the remote IP of the client. If you use this option, your apache configuratino should includeAuthTokenLimitByIp on
- see the mod-auth-token website for more details.Output:
The function returns a URL portion of the protected file (see synopsis for an example).
Examples
The following example files are in the ./eg/
directory:
mod_auth_token_example.pl
-
prints a mod-auth-token URL. Configuration (server, prefix, key, file) can be set with command-line parameters.
AUTHOR
Assaf Gordon, <gordon at cshl.edu>
TODO
BUGS
Please report any bugs or feature requests to https://github.com/agordon/Authen-ModAuthToken/issues
SEE ALSO
http://code.google.com/p/mod-auth-token/
ACKNOWLEDGEMENTS
Thanks to Mikael Johansson (http://www.synd.info) and David Alves (http://www.alvesdavid.com) for creating Mod-Auth-Token.
LICENSE AND COPYRIGHT
Copyright 2011 Assaf Gordon.
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.