[PR #104] [MERGED] Add signature generation: Closes #96 #886

New issue

Closed

opened 2026-03-15 15:41:11 +03:00 by kerem · 0 comments

kerem commented

2026-03-15 15:41:11 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/flyimg/flyimg/pull/104
Author: @sadok-f
Created: 7/20/2017
Status: ✅ Merged
Merged: 8/21/2017
Merged by: @sadok-f

Base: master ← Head: add-signature-generation

📝 Commits (4)

2ca0d25 Add signature generation: Closes #96
f77e5e0 Fix codeclimate warning, closes #96
0254da7 Throw exception when calling encrypt fct and securoty key is empty closes #96
896a796 Merge branch 'master' into add-signature-generation

📊 Changes

5 files changed (+187 additions, -19 deletions)

View changed files

📝 app.php (+18 -7)
📝 config/parameters.yml (+5 -1)
📝 src/Core/Handler/ImageHandler.php (+11 -1)
📝 src/Core/Handler/SecurityHandler.php (+91 -10)
📝 tests/Core/Handler/SecurityHandlerTest.php (+62 -0)

📄 Description

Adding a new security layer to Flyimg application, thanks to @joelwurtz who submitted a RFC #96.
Files changed:
parameters.yml:

#security key
security_key: ""
security_iv: "Secret Initialization vector(IV)"

To enable the security check, you have to add a Security key to security_key param, and all requested to flyimg should be hashed.

How I can hash my request?
The SecurityHandler has a public encrypt function responsible for encrypt/decrypt requests.
We added a simple command line to encrypt the url and generate the hashed one.
Example:

docker exec flyimg php app.php encrypt w_200,h_200,c_1,rf_1/https://m0.cl/t/resize-test_1920.jpg

next with the generated hash you can access you image by calling:
http://localhost:8888/upload/SnNSOFp4d3RYV1pET1k2di9pUk1nUTZneGRaYk9HUEJsWjlXODdGb1JjL0pSOFcxTTJvMDhHVWZJa1kvVkl4STh0L2tiTkw3TGpmTU9TSU5yL1FnM1E9PQ==

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/flyimg/flyimg/pull/104 **Author:** [@sadok-f](https://github.com/sadok-f) **Created:** 7/20/2017 **Status:** ✅ Merged **Merged:** 8/21/2017 **Merged by:** [@sadok-f](https://github.com/sadok-f) **Base:** `master` ← **Head:** `add-signature-generation` --- ### 📝 Commits (4) - [`2ca0d25`](https://github.com/flyimg/flyimg/commit/2ca0d25715066e0c78708807e25ce80839d27eff) Add signature generation: Closes #96 - [`f77e5e0`](https://github.com/flyimg/flyimg/commit/f77e5e09cd9f253882193ddc9f6cea1ef28eec76) Fix codeclimate warning, closes #96 - [`0254da7`](https://github.com/flyimg/flyimg/commit/0254da7dc6829ed6fce78f74094e1929fa69cb21) Throw exception when calling encrypt fct and securoty key is empty closes #96 - [`896a796`](https://github.com/flyimg/flyimg/commit/896a79685ed139982b859b2eed066a41d11426cc) Merge branch 'master' into add-signature-generation ### 📊 Changes **5 files changed** (+187 additions, -19 deletions) <details> <summary>View changed files</summary> 📝 `app.php` (+18 -7) 📝 `config/parameters.yml` (+5 -1) 📝 `src/Core/Handler/ImageHandler.php` (+11 -1) 📝 `src/Core/Handler/SecurityHandler.php` (+91 -10) 📝 `tests/Core/Handler/SecurityHandlerTest.php` (+62 -0) </details> ### 📄 Description Adding a new security layer to Flyimg application, thanks to @joelwurtz who submitted a RFC #96. Files changed: parameters.yml: ``` #security key security_key: "" security_iv: "Secret Initialization vector(IV)" ``` To enable the security check, you have to add a Security key to `security_key` param, and all requested to flyimg should be hashed. **How I can hash my request?** The SecurityHandler has a public encrypt function responsible for encrypt/decrypt requests. We added a simple command line to encrypt the url and generate the hashed one. Example: ``` docker exec flyimg php app.php encrypt w_200,h_200,c_1,rf_1/https://m0.cl/t/resize-test_1920.jpg ``` next with the generated hash you can access you image by calling: `http://localhost:8888/upload/SnNSOFp4d3RYV1pET1k2di9pUk1nUTZneGRaYk9HUEJsWjlXODdGb1JjL0pSOFcxTTJvMDhHVWZJa1kvVkl4STh0L2tiTkw3TGpmTU9TSU5yL1FnM1E9PQ==` --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>