安全地存储可下载的文件
我正在开发一种工具,最终允许用户从网络购买和下载文件。我想知道如何安全地托管可下载文件,以便未经授权的用户在不先购买的情况下无法下载文件。
用户可以从网站购买文件,然后可以根据需要随时访问可下载的文件。
这是一个由两部分组成的问题:
- 我如何确保付费文件不会被未经授权的人下载?以及
- 我应该如何处理身份验证以检查用户是否可以下载付费文件?
对于第一个问题,我猜测我将文件存储在散列目录名中,这样猜测几乎是不可能的? S3 服务器是一个好的解决方案吗?在这方面我需要注意哪些问题?
对于第二个问题,我猜我可以在数据库中创建一个表,用于存储将用户与文件关联的购买行为,如下所示:
purchases table
-> id
-> hash (unique purchase identifier)
-> user (foreign key)
-> file (foreign key)
-> ...other stuff here like timestamp, etc...
...然后使用应用程序检查用户是否进行了购买,因此下载的 URL 为:
http://www.example.com/something/download/sd9f7u23ihosd8087603/
...然后将搜索具有哈希值的记录sd9f7u23ihosd8087603 并确保它存在并且与当前用户关联。然后从那里将它们定向到文件系统上的文件...
这是一个好方法吗?有没有更优秀的解决方案?我确信我在这里遗漏了详细信息...
该应用程序是用 Django 编写的,如果这对问题有任何影响的话。另一个值得注意的是,该网站上将提供免费和付费下载。
注意:这个问题类似于我要问的问题: 让 Django 提供可下载文件
I'm working on a tool that will eventually allow users to purchase and download files from the web. I am wondering how to go about hosting the downloadable files safely/securely so that unauthorized users aren't able to download the files without purchasing them first.
Users would purchase the file from the website and then have access to the downloadable file for as long as they need.
This is a two part question:
- How can I go about making sure paid files aren't downloaded by unauthorized people?, and
- How should I handle the authentication for checking if a user can download a paid file?
For the first question, I am guessing that I store the files in a hashed directory name so that guessing would be near impossible? Would an S3 server be a good solution here? What concerns do I need to be aware of in this regard?
For the second question, I'm guessing that I can create a table in the database that stores purchases that associate a user to a file, like so:
purchases table
-> id
-> hash (unique purchase identifier)
-> user (foreign key)
-> file (foreign key)
-> ...other stuff here like timestamp, etc...
... and then using the application check that the user made the purchase, so the URL to the download would be:
http://www.example.com/something/download/sd9f7u23ihosd8087603/
...which would then search for a record that has the hash sd9f7u23ihosd8087603 and make sure it exists and that it is associated with the current user. Then from there, direct them to the file on the filesystem...
Is this a good way to go? Is there a superior solution? I'm sure I am missing details here...
The application is written in Django, if that has any bearing on the issue. Another note is that there will be both free and paid downloads available on the site.
Note: this question is similar to what I am asking: Having Django serve downloadable files
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果...
1) 将文件存储在 Apache 无法直接访问的目录中。
2) 在“购买文件”视图中创建一个用户特定的符号链接(使用您的哈希值),该符号链接指向实际文件并重定向以允许 Apache 通过符号链接提供该文件
3) 运行一个 cron 作业,在 x 小时后删除符号链接被创造。
What if...
1) Store the files in a directory that is not directly accessible by Apache.
2) In your "Purchase a file" view create a user specific symlink (using your hashes) which points to the actual file and redirect to allow Apache to serve the file via the symlink
3) Run a cron job that deletes symlinks after x hours of being created.