[Nginx Module] Authentication using Memcached

If you don’t know about Nginx, take a look at its wiki page.

I had spent one month to dig inside Nginx code and what I’ve done so far is a module called ngx_memcached_auth_module.

This module uses the requested file name and token parameter from url to fetch the value from memcached server. If there’s no value found, the server will return 403 code (Forbidden Access), otherwise users are free to access the file. If the option “ip_check” is turned on, it also checks if the IP of requester is the same as the returned value.

This module is useful in some specific cases such as video streaming, restricting resources access on IP addresses, etc.

Here is the sample configuration part of this module :

    location /download/ {
        root html;
        index index.html index.htm;
        set $memcached_auth_token_key bogus;
        if ($args ~ token=(.*))
        {
            set $memcached_auth_token_key $1;
        }
        memcached_auth /memcached/;
        ip_check 1;
    }

    location /memcached/ {
        root html;
        index index.html index.htm;
        set $memcached_key bogus;
        if ($args ~ token=(.*))
        {
            set $memcached_key $1;
        }
        memcached_pass 127.0.0.1:11211;
        default_type text/html;
    }

In the sample above :

• download is the location that stores the requested files
• memcached is the temporary location that uses ngx_memcached_module of nginx to fetch value from memcached.
• the directive ip_check in download location is optional.

The source code can be found here.