Secure Link Md5 Implementation

anish10dec nginx-forum at
Wed Jul 26 16:12:07 UTC 2017

Trying  to implement the secure link md5 token check .

Is there a way to verify  secure link i.e. to generate token using secret
key and verify the token. If it matches it should allow the request .
And also to allow the request for token which doesn't matches so that while
rolling out the update it may happen that some of the client request will
come without token . 
Those request should also get allowed meanwhile till all the client are
updated with new update of enabling token based authentication.

Secondly, Is there a way to implement the token authentication with two
secret key i.e primary and secondary
So that If the first one did not work, then try the second one.
This would be helpful while changing the Secret Key in production so that
some user will be allowed with old secret and some with new secret whose
client has been updated.

Posted at Nginx Forum:,275668,275668#msg-275668

More information about the nginx mailing list