hexpreview

README.org

#+OPTIONS: ^:{} toc:nil
#+STARTUP: showall

* elli_cloudfront
[[https://travis-ci.org/elli-lib/elli_cloudfront][file:https://travis-ci.org/elli-lib/elli_cloudfront.svg?branch=master]]
[[https://github.com/elli-lib/elli_cloudfront/releases/latest][file:https://img.shields.io/github/tag/elli-lib/elli_cloudfront.svg]]
[[https://github.com/erlang/otp/releases][file:https://img.shields.io/badge/erlang-%3E%3D%2017.0-red.svg]]
[[http://elli-lib.github.io/elli_cloudfront][file:https://img.shields.io/badge/docs-80%25-green.svg]]
[[file:LICENSE][file:https://img.shields.io/badge/license-BSD-blue.svg]]

[[https://github.com/knutin/elli][Elli]] middleware to manage [[http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html][CloudFront signed cookies]].

** Build
#+BEGIN_SRC fish
rebar3 compile
#+END_SRC

** Example
[[file:priv/example.lfe][priv/example.lfe]]

#+BEGIN_SRC fish
# rebar3 compile
lfe priv/example.lfe
#+END_SRC

#+BEGIN_SRC http
HTTP/1.1 302 Found
Date: Wed, 30 Mar 2016 01:02:46 GMT
Expires: Wed, 30 Mar 2016 02:02:46 GMT
Location: https://d123456789abcde.cloudfront.net
Set-Cookie: CloudFront-Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cDovL2V4YW1wbGUuY29tLyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE0NTkyODUzNjZ9fX1dfQ__
Set-Cookie: CloudFront-Signature=QgpGJ04j48DNbLdaC5bRJBQNzwPSQvtkY-y-VosdRaQ0RS5yLd~JA34VD~G5OsroUJPNChN4ptCTFPfdEazcxbmrAfHvpY~NW-3UWXJYqQ~8ZqnOApUnoooH89T~6N8ul4Ss1y6bSFH9pAq2MQVELupmtW359hd~-4oC7kKJrP-4TJrrGA6OwNQ-~JKRDpapA0E8OR8Ns-8OOh3FUQruwrWuR6edZUuq02WvhyNLVkLE8O5avLl7EwVNSx2bNXkTrIsI4gGB7sBOFbaW62RkSb~dmYu~Db06ytzYfW61R49WkXzAVgzsu2SDsI6KMX6jayA9UTnt40OFgbuQZkE34g__
Set-Cookie: CloudFront-Key-Pair-Id=AKEXAMPLE123
#+END_SRC

** Minimal example ~elli_cloudfront_handler~
#+BEGIN_SRC lfe :tangle priv/example-cf-handler.lfe
(defmodule example-cf-handler
  (behaviour elli_cloudfront_handler)
  ;; elli_cloudfront_handler callbacks
  (export (is_authorized 3)
          (store_ticket 2) (validate_ticket 2) (delete_ticket 1)))

;; Defines #ticket{} and includes elli.hrl
(include-lib "elli_cloudfront/include/elli_cloudfront.hrl")

(defun is_authorized (_req _service _args)
  ;; TODO:
  ;; - Parse req for user info
  ;; - Confirm or deny user is authorized to view service
  ;; - Return a user id
  #(ok #"USERID"))

(defun store_ticket (_user _ticket)
  ;; TODO: Store user's ticket
  'ok)

(defun validate_ticket (_req _token)
  ;; TODO:
  ;; - Parse req for user info
  ;; - Fetch ticket by token
  ;; - Confirm or deny that it belongs to the user
  ;; - Return the "service" associated with the ticket
  #(ok #"https://d123456789abcde.cloudfront.net"))

(defun delete_ticket (_token)
  ;; TODO: Delete the ticket with the given token
  'ok)
#+END_SRC