php 如何使用 Amazon S3 创建一次性下载链接?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19467460/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I create a one time download link with Amazon S3?
提问by Muggles
I want to create a one time download link to an amazon s3 hosted file. This link expires once the file has been downloaded.
我想创建一个指向亚马逊 s3 托管文件的一次性下载链接。下载文件后,此链接将失效。
I want this file to still be hosted but a visitor can only download the file once.
我希望仍托管此文件,但访问者只能下载该文件一次。
The scenario I need this for is: I have a file download website where users pay for a file. I want the user to only be able to download the file once from the website (and Amazon s3), I also do not want the user to be able to share a direct download link with other people.
我需要这个的场景是:我有一个文件下载网站,用户可以在其中支付文件费用。我希望用户只能从网站(和 Amazon s3)下载文件一次,我也不希望用户能够与其他人共享直接下载链接。
If this isn't possible I wonder if it is more efficient to limit it by an IP address or Cookie if possible?
如果这是不可能的,我想知道如果可能的话,通过 IP 地址或 Cookie 来限制它是否更有效?
回答by Charles Engelke
There is no way to tell S3 to allow a link to be used only once. But you can create a link that can only be used until a specified time. What I do is redirect the requester to an S3 link that expires in a few minutes, so he or she doesn't have time to share it. You can make that expiration time very short, even a few seconds, so long as their browser has time to receive the redirect response and follow it.
没有办法告诉 S3 只允许使用一次链接。但是您可以创建一个只能在指定时间之前使用的链接。我所做的是将请求者重定向到几分钟后过期的 S3 链接,因此他或她没有时间分享它。您可以将过期时间设置得非常短,甚至几秒钟,只要他们的浏览器有时间接收重定向响应并遵循它。
回答by okwap
You can write an "one time url generator" service (either in form of website or rest API) and make use of aws federated user feature to achieve this.
您可以编写“一次性 url 生成器”服务(以网站或休息 API 的形式)并利用 aws 联合用户功能来实现这一点。
Consider the following procedure:
考虑以下过程:
- When user wants a one time url, they send the request to your "one time url generator" service.
- The your service generates a "one time url" and returns it to the user. The url is a one-to-one mapping to the S3 resource the user wants.
- When the user makes a requests to the "one time url", the service creates a temporary user using the AWS federated user feature, and generates an S3 presigned url on behalf of the temporary user.
- The service sends the response back to the user, redirecting to the presigned url.
- The user follows the redirection, and starts downloading the file.
- The service then deletes the temporary user. (Or lets it expire.)
- 当用户需要一次性网址时,他们会将请求发送到您的“一次性网址生成器”服务。
- 您的服务会生成一个“一次性 url”并将其返回给用户。url 是到用户想要的 S3 资源的一对一映射。
- 当用户向“一次性 url”发出请求时,该服务会使用 AWS 联合用户功能创建一个临时用户,并代表临时用户生成一个 S3 预签名 url。
- 该服务将响应发送回用户,重定向到预先签名的 url。
- 用户遵循重定向,并开始下载文件。
- 该服务然后删除临时用户。(或者让它过期。)
