Server authorization based on token with expiration

Martin819

4/25/24, 11:26 AM

I'm trying to be able to create video streaming over HTTP which would specific authorization method described below, but I'm not sure how to approach this.

Currently I'm using the Motion package which allows you to easily forward video stream from local camera over the Internet. It also offers authorization with username and password. For my use case this is, however, not ideal.

My idea is that I want to on-demand be able to provide link to the user which will allow him to repeatedly access the stream for some limited time. Ideally, this would be some token in the form of URL parameter (https://www.link.com/stream?authId=FGJNDKD1256DD), which would allow anyone with this token to connect to stream, without any other authorization, but the token would also expire after let's say 1 hour.

Anyone has any idea how to achieve this? Will I need to write my own web application with custom token generation and authorization handling or is there any web server which offers such kind of authorization out of the box?

Thank you

2 + 0

linux

web-server

authorization

Score:1

Server

Nibin Baby

5/9/24, 4:24 AM

To achieve the desired video streaming authorization method, you may need to implement a custom solution. One possible approach could be to generate a unique token for each user requesting access to the video stream, and associate that token with an expiration time.

Here are some steps you could take to implement this:

Generate a random token string: You can use a library such as uuid in Python to generate a unique token string.
Store the token and its expiration time: You can store this information in a database, such as SQLite or MySQL. Each time a user requests access to the video stream, you can check the token against the database to verify its validity and expiration time.
Create a custom endpoint for video streaming: You can create a custom endpoint that accepts the token as a parameter and checks it against the database. If the token is valid and has not expired, the endpoint can return the video stream. If the token is invalid or has expired, the endpoint can return an error message.
Serve the video stream: You can use a web server such as NGINX to serve the video stream. NGINX has support for HTTP Live Streaming (HLS) and can serve video in a variety of formats, including MP4 and MPEG-TS.

Overall, this approach will require some programming and database setup, but it should allow you to provide the specific authorization method you are looking for.

+ 1

Greg Askew

5/9/24, 4:55 AM

You certainly could store this information in a database. It may perform better if the relevant information were stored in the token (signed by the issuer), such as the expiry. That way the server can validate the request without hitting the database. Basically adding OAuth2 and JWT tokens. https://www.oauth.com/oauth2-servers/access-tokens/self-encoded-access-tokens/

Score:0

Server

Sabre

5/8/24, 1:42 PM

Just give them a unique ID such as a UUID or GUID, or some hash username with time + salt value. Store that key at creation in a lookup table with expiration date.

URL passes in key, key gets looked up, if past expiration, do not honor.

Regularly purge table of keys past expiration.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Server authorization based on token with expiration

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.