新增cookie登录鉴权模式,避免secret硬编码鉴权安全缺陷

This commit is contained in:
xia-chu
2026-02-19 22:56:23 +08:00
parent 22dede5a18
commit 3a35144243
8 changed files with 201 additions and 46 deletions

View File

@@ -61,6 +61,11 @@ bool HttpServerCookie::isExpired() {
return _ticker.elapsedTime() > _max_elapsed * 1000;
}
void HttpServerCookie::setExpired() {
_ticker.resetTime();
_max_elapsed = 0;
}
void HttpServerCookie::setAttach(toolkit::Any attach) {
_attach = std::move(attach);
}

View File

@@ -118,6 +118,11 @@ public:
*/
bool isExpired();
/**
* 使cookie过期作废
*/
void setExpired();
/**
* 设置附加数据
* Set additional data

View File

@@ -31,7 +31,7 @@ namespace mediakit {
// If the player does not access the cookie within 60 seconds, the hls playback authentication will be triggered again.
static size_t kHlsCookieSecond = 60;
static size_t kFindSrcIntervalSecond = 3;
static const string kCookieName = "ZL_COOKIE";
static const string kCookieName = "ZLM_HTTP_COOKIE";
static const string kHlsSuffix = "/hls.m3u8";
static const string kHlsFMP4Suffix = "/hls.fmp4.m3u8";