doomtube/beeta
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial commit - realms platform

Browse source
This commit is contained in:
doomtube 2026-01-05 22:54:27 -05:00
parent c590ab6d18
commit c717c3751c
234 changed files with 74103 additions and 15231 deletions
Download patch file Download diff file Expand all files Collapse all files

29
openresty/lua/redis_helper.lua
View file

@ -2,19 +2,33 @@ local redis = require "resty.redis"
local _M = {}
-- Cache password at module load time (works better with OpenResty)
local REDIS_PASSWORD = os.getenv("REDIS_PASS")
local function get_redis_connection()
local red = redis:new()
red:set_timeouts(1000, 1000, 1000) -- connect, send, read timeout in ms
local host = "redis" -- Will be resolved by nginx resolver
local port = tonumber(os.getenv("REDIS_PORT")) or 6379
local ok, err = red:connect(host, port)
if not ok then
ngx.log(ngx.ERR, "Failed to connect to Redis: ", err)
return nil
end
-- Authenticate if password is set
if REDIS_PASSWORD and REDIS_PASSWORD ~= "" then
local res, err = red:auth(REDIS_PASSWORD)
if not res then
ngx.log(ngx.ERR, "Failed to authenticate to Redis: ", err)
return nil
end
else
ngx.log(ngx.WARN, "No Redis password set, trying without auth")
end
return red
end
@ -69,7 +83,8 @@ function _M.validate_viewer_token(token, expected_stream_key)
-- Check if the token is for the expected stream
if res ~= expected_stream_key then
ngx.log(ngx.WARN, "Token stream mismatch. Expected: ", expected_stream_key, " Got: ", res)
-- SECURITY FIX: Redact stream keys from logs to prevent exposure
ngx.log(ngx.WARN, "Token stream mismatch. Expected hash: ", ngx.md5(expected_stream_key):sub(1, 8), " Got hash: ", ngx.md5(res):sub(1, 8))
return false
end
@ -81,9 +96,9 @@ function _M.refresh_viewer_token(token)
if not red then
return false
end
-- Refresh TTL to 30 seconds
local ok, err = red:expire("viewer_token:" .. token, 30)
-- Refresh TTL to 5 minutes on each HLS segment access
local ok, err = red:expire("viewer_token:" .. token, 300)
if not ok then
ngx.log(ngx.ERR, "Failed to refresh token TTL: ", err)
end