Video Tutorial Authorization sub-request via Nginx

In this tutorial, I suggest you discover how to use nginx and its subquery system to manage access to resources.

The problem

As part of our application, we want to distribute large files but we don't want to manage this distribution from our code (because we don't want to block a PHP thread for a long time, for example). We therefore want to use nginx which is designed for this kind of thing while keeping the possibility of limiting access to the content to users who are authenticated (or according to a particular logic).

The solution

Nginx has a system capable of performing a sub-request in order to determine whether or not the user has the right to access the resource.

location / stream / {
    auth_request /index.php;
    alias / var / www / videos /;

All information related to the initial request (header and URL) will be transmitted to this sub-request. The status returned by this subquery will determine whether the user has access to the resource:

  • 401 or 403 will block access to the resource
  • 2xx will allow access.