Merlin Secure Token allows you to secure your content by using a unique hash code. This code will help you authorize connections. It only works on static distributions.
To be able to use this feature, follow the steps below:
1. Go to the distributions page by clicking on the sidebar.
2. Click on the static distribution, wanted to be secured with a token.
3. Go to the Page Rules section.
4. Select the relevant Page Rule.
5. Scroll down to the Secure Token section.
6. Select Yes from the dropdown menu.
Now, you have enabled the Secure Token Policy.
Now, you will see two new input areas: Add Client IP on Token Generation and Secret.
7. The first one, Add Client IP on Token Generation allows you to create links that will only be accessible from the IP addresses of the client who generated the link, only if selected Yes from the dropdown menu.
8. The second one, Secret is used in the token generation. It is an alphanumeric string which means it can only contain letters or numbers.
9. Click on the Update Page Rule button.
Now, you should generate the secure token links and include them on your website for secure access. The link generation code is below:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using System.Web;
namespace Security
{
public class TokenGenerator
{
public static string CreateSecureLink(string url, string clientip, long second, string secret)
{
Encoding enc = Encoding.ASCII;
DateTime epochTime = newDateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
TimeSpan span = (DateTime.Now.AddSeconds(second).ToUniversalTime() -epochTime);
string timestr = span.TotalSeconds.ToString("0");
if(clientip== null)
{
clientip= "";
}
Uri uri = newUri(url);
string key = secret + uri.AbsolutePath + timestr + clientip;
MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider();
Byte[] hashedDataBytes = md5Hasher.ComputeHash(enc.GetBytes(key));
string hash = Convert.ToBase64String(hashedDataBytes, 0, hashedDataBytes.Length);
hash = hash.Replace('+', '-').Replace('/', '_').Replace("=", "");
string returnurl = AddQuerryParameter2URL(url, "st", hash);
returnurl = AddQuerryParameter2URL(returnurl, "e", timestr);
return returnurl;
}
public static string AddQuerryParameter2URL(string url, string parameter, string value)
{
string seperator = "?";
if (url.Contains('?'))
seperator= "&";
return url + seperator + HttpUtility.UrlEncode(parameter) + "=" + HttpUtility.UrlEncode(value);
}
}
}
Secured Link supposed to be in this format:
https://mywebsite.com/{path}?st={secureToken}&e={expire}
Example:
On this example:
Secure Token | aQzw9y-dWC-A2xssn3eQ |
Path | resize/1000x622/d4a84822-ee8f-405a-656e-08d968514b.jpg |
Expire | 1656550447 |
To check the produced links, you can use the following code block:
echo -n '$secret$path$expire' | openssl md5 -binary | openssl base64 | tr +/ -_ | tr -d =
For example:
echo -n 'LL9U5SwiJVuyqzdGXpAPG1eIdFV/resize/500x374/fecb0ef6-dad8-4656-2b57-08d9cfb4e.jpg1640855540' | openssl md5 -binary | openssl base64 | tr +/ -_ | tr -d =
In this example:
Secret | LL9U5SwiJVuyqzdGXpAPG1eIdFV |
Path | /resize/500x374/fecb0ef6-dad8-4656-2b57-08d9cfb4e.jpg |
Expire | 1640855540 |
Comments
Please sign in to leave a comment.