Nginx location block rewrite using Unix UserID

I have a security scheme in mind for a wordpress site using Nginx location block level rewrites when serving video intended for Mobile/Tablet platforms.

The mobile OS point is key criteria, although when this is working I will use this system to secure desktop/laptop user agents as well.

Please note that this is intended to be a cost-effective solution because I am already chunking, encrypting and streaming for iOS and Android when the client can pay, or they have more robust needs.

Considering that WP users can most easily be distinguished by ID, and that I am anticipating keeping my location directive simple as possible, I want to do the following:

  1. location /var/www/mydomain/video/* rewrites to ~/(userID)/videoFile.mp4

the trick is getting the userID from WordPress into a scheme that Nginx can use in the location block, so I thought adding WP user "X" to Unix users as "userX" would help make this simple.

I thought of the security model (and the Nginx rewrite module) like a railroad switch to send each user down their own unique numbered track, so that the front end handles basic authentication for userID, Nginx handles transport, and the pot of gold at the end of the track gets added when any product or whatever is valid for userID.

Therefore, only authenticated (logged in) userID can in theory access a paid video, but ANY user can request it... with variable results hehe.

  1. To keep the interface and code maintenance on the front end simple, and the back end simple and perfomant, I want to use just 1 location directive which will take ANY request to ( mydomain/video/* ) and write to /var/www/video/userX/~

note that web-root is /var/www/mydomain so I am rewriting video location outside web-root!

The request URI will be fully formed on the front end and provided to any eligible member's video player as (.webm whatever...) and so part of the URI will need to be preserved.

but if I am UserID "13" in wordpress which is, what is the best way to tell Nginx I'm user "user13" in a single location directive?

sorry kind of a long setup, but this is the simplest part of the scheme I can present- to me just one component with several working parts.

Also, I am developing this solution currently, will be done in less than a week. I would love to hear any feedback, and of course I'm looking for some "expert advice" from someone who gets shell scripting better than I do.


# thanks to Olivier Dulac from StackOverflow
export NBMIN=15

#find all subdirs jsut underneath each /var/www/flash/avmin/*/ that are $NBMIN minutes   old
for xdir in $(find /var/www/flash/avmin -type d -mindepth 2 -maxdepth 2 -cmin +${NBMIN} )
    #for those dirs, delete symlinks "just underneath", that are older than $NBMIN minutes
    find "$xdir" -mindepth 1 -maxdepth 1 -type L -cmin +${NBMIN} -exec rm '{}' \;
    #and then if there is nothing else in that dir, delete it:
    command rmdir "$xdir" -rf 
    #without -f and -r... will only remove "$i" directory if it's   empty!

Need Your Help

Extreme negative number when calling car class

c++ class negative-number

I nearly have this program finished but I keep getting an extreme negative number, and can not figure out why. It subtracts and adds 5 for each call of accelerate and decelerate like it should but ...

Preg_replace/str_replace() for changing `&lt;` and `&gt;` instances to `<` and `>` respectively

preg-replace str-replace

One of our pages pulls content from a database table using the following code: