1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
Video streaming: protecting your video streams with a unique hash code (token)
This guide gives indications on how to secure a video stream with a unique hash code (token).
This method offers the best level of protection and, for example, enables you to limit your broadcasts to a member space requiring authentication. The method of generating this code is specific to each site, so it will be necessary to implement the required PHP functions and adapt the intégration code of your player accordingly.
Accessing the restriction settings
- open the Manager (manager.infomaniak.com)
- go to Video streaming
- click on the stream concerned
- go to Settings then Restrictions in the menu on the left
- go to the By unique hash tab
How restrictions by unique hash code work
This method requires that you recover information related to the configuration of your stream and the internet user who logs in.
First of all, it is necessary to define a password (a key) via our admin console. As soon as this key is added, the viewers connected and those who try to view your stream will be immediately blocked.
Here is the principle to follow to authorise access to your stream:
- Design an authentication system (e.g., a member space)
- Take the password configured above in our console
- Recover the IP of the internet users via $_SERVER["REMOTE_ADDR"] for example
- Take the identifier of the stream to target
- Recover the date as well as the current time (without the minutes and secondes)
These elements will then be hashed by the code provided in the Manager in order to generate a single and unique token for each user that will be transferred to the stream when it loads. Our streaming platform will then check the validity of the hash in order to authorise or reject the connection.
Important remarks
- In order to guarantee the security of the access to the stream, the duration of the validity of each token is limited.
- It is important to disable the cache on the pages that enable access to the stream. If the generation of the token is cached, other users will try to authenticate themselves with the hash of another, which will cause them to be rejected even if they are authorised to access the stream.