Skip to content
/ caddy-signed-urls Public

Caddy Server Middleware adding support for Signed URLs (including expiration)

7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AnTheMaker/caddy-signed-urls

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
signedurls.go
signedurls.go
 
 

Repository files navigation

caddy-signed-urls

A tiny Caddy Server Middleware adding support for Signed URLs. (under development, not ready for production use yet)

Install

You can build Caddy bundled with this Plugin with the xcaddy tool:

xcaddy build --with github.com/anthemaker/caddy-signed-urls

How to use

In your Caddyfile:

@allowed {
  signed "supersecretsigningkey"
}
respond @allowed "Yeyy! The URL signature is valid!" 200
respond "Error: Invalid Signature" 403

How to sign a URL

To sign a URL, simply take

  • the secret key
  • the whole URL you want to request

mesh them together, and SHA256-Hash it. Then append it as a URL parameter with the name ?token=

Example: SHA256(supersecretsigningkey + url)

That's it!

Bonus tip: Signed URLs that expire!

Just add a ?expires= query parameter to the URL with a valid UNIX timestamp of the date the URL should become invalid. Because it's part of the URL, it's included in the token-hash and can't be modified by others.

Todo: More Documentation

About

Caddy Server Middleware adding support for Signed URLs (including expiration)

Topics

caddy

Resources

Readme
Activity

Stars

7 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages