UPDATE: Changed NGINX to use an auth module

2025-03-03 21:01:53 +00:00
parent b454386b29
commit 8c465b9734
1 changed files with 12 additions and 0 deletions
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -87,6 +87,8 @@ http {

        ## Cacheable HLS files, ts
        location ~ ^/stream/(.+)/(.+\.ts)$ {
+            # Call backend to check permission
+            auth_request /auth_stream/$1;
            alias /user_data/$1/stream/$2;

            # Let the MPEG-TS video chunks be cacheable
@@ -112,6 +114,16 @@ http {
            expires -1d;
        }

+        ## Auth request for HLS
+        location = /auth_stream/$1 {
+            internal;
+            proxy_pass http://web_server:5000/stream/$1/direct_live_status;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        }
+        
+
        location ~ ^/\?token=.*$ {
            proxy_pass http://frontend:5173;
            proxy_http_version 1.1;