screamz/securedownload-bundle

Allows secure file downloads.

Installs: 135

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 2

Forks: 0

Open Issues: 0

Type: symfony-bundle

V1.1.0 2017-10-05 14:19 UTC

README


This bundle makes it easier and faster to deploy a secure document download solution, using a cache engine such as Memcached or Redis.

Many cache systems are supported thanks to tedious/TedivmStashBundle! The @stash service is used by default, but you are free to override my service declaration to use your own.

Basic usage

To access a protected resource or file, you need to pre-authorize it first.

You may need a file path on the system (full path) or some data you want to save. This can be whole base64 data, or just some data used to retrieve other data (for example through a web service).

To achieve this, you need to generate an access key known to both the encoder and the decoder. This will allow you to access your resource or file securely. It can be a simple hash or string if the context does not depend on it, or a mix of a salt and the unique identifier of the currently logged-in user; you can also use a cookie or session variable to hold it. You are free to try different approaches.

Here are some quick examples of common use cases

I have a path on the API that I do not want to expose on the frontend

Transaction ID generation

This path can only be accessed by the user who triggered its generation. If you share the download link with someone else, that person will not be able to download it.

To do this, we need something that uniquely identifies the user who triggered the transaction ID hash. The user ID is perfect. If we want to allow sharing the download link instead, we can use something that does not depend on the user.

public function generateHashAction()
{
    $secureDownloader = $this->get('screamz.service.secure_downloader');
    $currentUser = $this->getAuthenticationManager()->getCurrentUser();

    // Provided by the server (the client doesn't know it); use something that identifies the currently logged-in user.
    $accessKey = md5('somecustomhash'.$currentUser->getId());

    try {
        // This returns a string
        $transactionID = $secureDownloader->preAuthorizeDocumentPath('/home/site/www/document.txt', $accessKey);
    } catch (DownloadRequestException $e) {
        // Do something with the errors
        var_dump($e->getReasons());

        // Throw a 400 / 500 HTTP exception
        throw new HttpException(500);
    }

    // Do something...

    // Return a response with the transactionID or render a template with a link to the download controller...
}

Download the file securely using the given transaction ID

public function downloadAction($transactionID)
{
    $secureDownloader = $this->get('screamz.service.secure_downloader');
    $currentUser = $this->getAuthenticationManager()->getCurrentUser();

    // Provided by the server (the client doesn't know it); use something that identifies the currently logged-in user.
    $accessKey = md5('somecustomhash'.$currentUser->getId());

    try {
        $binaryResponse = $secureDownloader->getResourceBinaryFileResponse($transactionID, $accessKey);
        return $binaryResponse;
    } catch (DownloadRequestException $e) {
        // Do something with the errors
        var_dump($e->getReasons());

        // Throw a 400 / 500 HTTP exception
        throw new HttpException(500);
    }
}
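The two controllers above derive the access key as md5 of a static string and the user ID. The following added example (not part of the bundle's own code) shows one way to derive the same kind of key from a server-side secret with an HMAC, with a user-bound variant for links that must not be shareable and an unbound variant for links that may be shared, as the README discusses. It assumes a server-side secret such as a hypothetical `$_ENV['APP_SECRET']` and that the bundle accepts any string as the access key (the README passes an md5 string).

```php
<?php
// Added example, not code from screamz/securedownload-bundle.
// Assumption: APP_SECRET is a server-side secret the client never sees, and the
// bundle accepts any string as the access key (the README passes an md5 string).

declare(strict_types=1);

final class AccessKeyFactory
{
    private string $secret;

    public function __construct(string $secret)
    {
        // A keyed hash is only as good as its key: refuse short secrets.
        if (strlen($secret) < 32) {
            throw new InvalidArgumentException('Server secret must be at least 32 bytes.');
        }
        $this->secret = $secret;
    }

    // Key bound to the current user. Both generateHashAction and downloadAction
    // call this with the logged-in user's ID, so a transaction ID handed to another
    // user produces a different key on download and fails authorization.
    public function forUser(string $userId): string
    {
        // The 'user:' prefix separates this key space from shared() below.
        return hash_hmac('sha256', 'user:' . $userId, $this->secret);
    }

    // Key not bound to any user, for download links that are meant to be shared.
    public function shared(): string
    {
        return hash_hmac('sha256', 'shared', $this->secret);
    }
}

// Usage inside the controllers above (hypothetical $_ENV['APP_SECRET']):
// $keys = new AccessKeyFactory($_ENV['APP_SECRET']);
// $accessKey = $keys->forUser((string) $currentUser->getId());
// $transactionID = $secureDownloader->preAuthorizeDocumentPath('/home/site/www/document.txt', $accessKey);
```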

I want to save some data so that I can later query a remote API to get something

Generate the transaction ID

public function generateHashAction()
{
    $secureDownloader = $this->get('screamz.service.secure_downloader');
    $currentUser = $this->getAuthenticationManager()->getCurrentUser();

    // Provided by the server (the client doesn't know it); use something that identifies the currently logged-in user.
    $accessKey = md5('somecustomhash'.$currentUser->getId());

    try {
        // This returns a string
        $transactionID = $secureDownloader->preAuthorizeResource(json_encode(['token' => 'sometoken']), $accessKey);
    } catch (DownloadRequestException $e) {
        // Do something with the errors
        var_dump($e->getReasons());

        // Throw a 400 / 500 HTTP exception
        throw new HttpException(500);
    }

    // Do something...

    // Return a response with the transactionID or render a template with a link to the download controller...
}

Retrieve the resource after checking authorization

public function downloadAction($transactionID)
{
    $secureDownloader = $this->get('screamz.service.secure_downloader');
    $currentUser = $this->getAuthenticationManager()->getCurrentUser();

    // Provided by the server (the client doesn't know it); use something that identifies the currently logged-in user.
    $accessKey = md5('somecustomhash'.$currentUser->getId());

    try {
        $resource = $secureDownloader->getResource($transactionID, $accessKey);
    } catch (DownloadRequestException $e) {
        throw $this->createAccessDeniedException('Accès à la ressource non autorisé.');
    }

    // The data saved at pre-authorization time comes back as the stored string
    $params = json_decode($resource->getTransactionSavedData(), true);

    // Call the web service from here using $params
}

Documentation