NAME
Authen::ModAuthToken - Generates Mod-Auth-Token compatible URLs
VERSION
version 0.03
SYNOPSIS
In your Apache's configuration, define the following:
## (your module's path may vary)
LoadModule auth_token_module /usr/lib/apache2/modules/mod_auth_token.so
Alias
"/protected"
"/my/protected/directory"
<Location
"/protected"
>
AuthTokenSecret
"FlyingMonkeys"
AuthTokenPrefix /protected/
AuthTokenTimeout 14400
</Location>
In a CGI script, use the following:
## If the file wasn't protected with "mod-auth-token",
## its URL would have been:
$prefix_url
=
"/protected"
;
$file_to_protect
=
"/myfile.txt"
;
##
## Since the location is protected with mod-auth-token,
## Generate a valid access token:
##
$token
= generate_mod_auth_token(
secret
=>
"FlyingMonkeys"
,
filepath
=>
$file_to_protect
) ;
$url
=
$web_server
.
$prefix_url
.
$token
;
## The protected URL will look like
## (actual value will change, as it dependant upon the current time).
##
## Show this URL to the user, to allow him access to this file.
DESCRIPTION
This module does not perform the actual authentication - it merely generates a valid authentication token URL, which will be authenticated by the mod_auth_token module.
FUNCTIONS
generate_mod_auth_token ( sercet => $secret, filepath => $path, [ remote_addr => $remote_addr ])
-
Generates an authentication token, based on given parameters and current time.
Parameters:
secret
- The secret key, will be used to calculate the MD5 hash. Must match the key in your apache's configuration.filepath
- The relative URL of the file you want to publish. The path must begin with a slash (/
) .remote_addr
- (optional) - the remote IP of the client. If you use this option, your apache configuratino should includeAuthTokenLimitByIp on
- see the mod-auth-token website for more details.Output:
The function returns a URL portion of the protected file (see synopsis for an example).
Examples
The following example files are in the ./eg/
directory:
mod_auth_token_example.pl
-
prints a mod-auth-token URL. Configuration (server, prefix, key, file) can be set with command-line parameters.
AUTHOR
Assaf Gordon, <gordon at cshl.edu>
TODO
BUGS
Please report any bugs or feature requests to https://github.com/agordon/Authen-ModAuthToken/issues
SEE ALSO
http://code.google.com/p/mod-auth-token/
ACKNOWLEDGEMENTS
Thanks to Mikael Johansson (http://www.synd.info) and David Alves (http://www.alvesdavid.com) for creating Mod-Auth-Token.
LICENSE AND COPYRIGHT
Copyright 2011 Assaf Gordon.
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.