scaleplan/access-to-files

There is no license information available for the latest version (dev-master) of this package.

Caching files with Redis, PHP and Nginx

dev-master 2020-11-16 11:24 UTC

This package is auto-updated.

Last update: 2024-04-16 18:08:19 UTC


README

Control access to private files.

Installation

composer require scaleplan/access-to-files

How it works

Suppose we need to give the currently authorized user access to the document.pdf file for 1 hour and to the picture.jpg file for 5 minutes. By default, these files are inaccessible to this user.

First, execute the following code:

//First file
AccessToFiles::getInstance(3600)->addFiles(['document.pdf']);

//The second file
AccessToFiles::getInstance(300)->addFiles(['picture.jpg']);

In this part, we create two AccessToFiles objects: one to open access for 1 hour, the second to open access for 5 minutes. We then add a file to each object.

The AccessToFiles class always creates one object per access time, which means that if we do the following after the code above:

$af = AccessToFiles::getInstance(3600);

then a new object will not be created; the object created above for the files available for 1 hour will be returned.

To open file access for each instance, you must execute the allowFiles method:

AccessToFiles::getInstance(3600)->allowFiles();
AccessToFiles::getInstance(300)->allowFiles();

This method writes metadata about the files (which files, for how long, for whom ...) to the metadata store, which is Redis by default.

Now, if the same user requests these files, they will be available to that user, but once the time intervals have elapsed (1 hour and 5 minutes respectively) the carriage turns back into a pumpkin: the files will be unavailable again.

Serving the temporarily opened files is handled by a Lua script for nginx, which looks in Redis to check whether there is data for the requested file; if there is, it serves the file.

How does the Lua script identify the user?

When writing metadata about a file, AccessToFiles uses a fingerprint method: it tries to collect as much data about the current user as possible so that the user cannot be confused with anyone else.

By default, only the session identifier is used for this, but HTTP headers can also be used in case the session is stolen.

Note: the Lua script stored in the project only works with the default identification set, i.e. when only the session identifier is used. Minor enhancements will be required to expand the set.
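
The grant-and-check flow described above, as an added example that is not code from this package: a fingerprint built from the session identifier plus selected HTTP headers keys a time-limited grant per file. The function and class names, the key layout, the header set and the in-memory array standing in for Redis are all assumptions made for illustration.

```php
<?php
// Added illustration; not code from scaleplan/access-to-files.
// Key layout, header choice and the array store are assumptions.

/** Fingerprint = hash of the session id plus the chosen request headers. */
function fingerprint(string $sessionId, array $headers, array $useHeaders = []): string
{
    $parts = [$sessionId];
    foreach ($useHeaders as $name) {
        // A missing header contributes an empty value so the layout stays fixed.
        $parts[] = $name . '=' . ($headers[$name] ?? '');
    }
    // Newline is a safe separator: header values cannot contain it.
    return hash('sha256', implode("\n", $parts));
}

/** In-memory stand-in for the Redis metadata store (key => expiry time). */
final class GrantStore
{
    private array $expiry = [];

    public function allow(string $fp, string $file, int $ttl, int $now): void
    {
        $this->expiry[$fp . ':' . $file] = $now + $ttl;
    }

    /** The check the nginx-side script would perform for each request. */
    public function isAllowed(string $fp, string $file, int $now): bool
    {
        return $now < ($this->expiry[$fp . ':' . $file] ?? 0);
    }
}

// Constructed sample data.
$use   = ['User-Agent', 'Accept-Language'];
$owner = ['User-Agent' => 'Firefox/125.0', 'Accept-Language' => 'en-US'];
$other = ['User-Agent' => 'curl/8.5.0'];
$store = new GrantStore();
$t0    = 1700000000;

$fp = fingerprint('sess-abc', $owner, $use);
$store->allow($fp, 'document.pdf', 3600, $t0);
$store->allow($fp, 'picture.jpg', 300, $t0);

var_dump($store->isAllowed($fp, 'picture.jpg', $t0 + 299));  // inside the 5 minute grant
var_dump($store->isAllowed($fp, 'picture.jpg', $t0 + 300));  // 5 minute grant has lapsed
var_dump($store->isAllowed($fp, 'document.pdf', $t0 + 300)); // 1 hour grant still running
// Same session id presented by a client with different headers.
var_dump($store->isAllowed(fingerprint('sess-abc', $other, $use), 'document.pdf', $t0 + 10));
```

With headers in the fingerprint, the side that serves the file has to derive the identical value from the incoming request, which is the enhancement the note above refers to.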


Documentation