FastDFS内置防盗链采用Token的方式。Token是带时效的,也就是说在设定的时间范围内,比如1分钟,token是有效的。token包含了文件id、时间戳ts和密钥。
FastDFS在URL中带上当前时间戳和带时效的token,参数名分别为ts和token。Token的生成和校验都是在服务端,因此不会存在安全问题。
例如:
http://你的IP/meng/M00/00/00/rBFE2VwohBOAOrnIAABDRU16ivg948.png?token=f48b02095128da73e43006d2b53f0001&ts=1546159147
配置文件说明
1、http.conf中防盗链相关的几个参数如下:
# cd /etc/fdfs
# vim /etc/fdfs/http.conf
# if use token to anti-steal
# default value is false (0)
# 是否做token检查,缺省值为false。
http.anti_steal.check_token=true# token TTL (time to live), seconds
# default value is 600
# TTL,即生成token的有效时长(秒)
http.anti_steal.token_ttl=120# secret key to generate anti-steal token
# this parameter must be set when http.anti_steal.check_token set to true
# the length of the secret key should not exceed 128 bytes
# 生成token的密钥,尽量设置得长一些,千万不要泄露出去
http.anti_steal.secret_key=FastDFS1234567890# return the content of the file when check token fail
# default value is empty (no file sepecified)
# 检查失败,返回的文件内容,需指定本地文件名
http.anti_steal.token_check_fail=/home/fileError.png
需重启 tracker、storage 和 nginx
# fdfs_trackerd /etc/fdfs/tracker.conf
# fdfs_trackerd /etc/fdfs/tracker.conf restart
waiting for pid [23891] exit ...
starting ...
# fdfs_storaged /etc/fdfs/storage.conf
# fdfs_trackerd /etc/fdfs/tracker.conf restart
waiting for pid [26848] exit ...
starting ...
# ./nginx -s reload
ngx_http_fastdfs_set pid=26832
2、application-dev.properties
# fastDFS
fdfs.so-timeout=1501
fdfs.connect-timeout=601
fdfs.thumb-image.width=150
fdfs.thumb-image.height=150
fdfs.web-server-url=你的IP/
fdfs.tracker-list[0]=你的IP:22122
fdfs.http.anti_steal_token = true
fdfs.http.secret_key = FastDFS1234567890
项目中增加依赖
<!-- fastDFS -->
<dependency><groupId>com.github.tobato</groupId><artifactId>fastdfs-client</artifactId><version>1.26.2</version>
</dependency>
<dependency><groupId>net.oschina.zcx7878</groupId><artifactId>fastdfs-client-java</artifactId><version>1.27.0.0</version>
</dependency>
引入fastDFS配置
import org.springframework.boot.web.servlet.MultipartConfigFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.EnableMBeanExport;
import org.springframework.context.annotation.Import;
import org.springframework.jmx.support.RegistrationPolicy;import com.github.tobato.fastdfs.FdfsClientConfig;@Configuration
@Import(FdfsClientConfig.class)
@EnableMBeanExport(registration = RegistrationPolicy.IGNORE_EXISTING)// 解决jmx重复注册bean的问题
public class ComponetImport {// 导入依赖组件
}
工具类
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.Charset;import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockMultipartFile;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Service;
import org.springframework.util.Base64Utils;
import org.springframework.web.multipart.MultipartFile;import com.github.tobato.fastdfs.conn.FdfsWebServer;
import com.github.tobato.fastdfs.domain.StorePath;
import com.github.tobato.fastdfs.exception.FdfsUnsupportStorePathException;
import com.github.tobato.fastdfs.proto.storage.DownloadByteArray;
import com.github.tobato.fastdfs.service.FastFileStorageClient;@Component
public class FastDFSClient {@Autowiredprivate FastFileStorageClient storageClient;@Autowiredprivate FdfsWebServer fdfsWebServer;/*** 上传文件* @param file 文件对象* @return 文件访问地址* @throws IOException*/public String uploadFile(MultipartFile file) throws IOException {StorePath storePath = storageClient.uploadFile(file.getInputStream(),file.getSize(), FilenameUtils.getExtension(file.getOriginalFilename()),null);return getResAccessUrl(storePath);}/*** 上传文件* @param file 文件对象* @return 文件访问地址* @throws IOException*/public String uploadFile(File file) throws IOException {FileInputStream inputStream = new FileInputStream (file);StorePath storePath = storageClient.uploadFile(inputStream,file.length(), FilenameUtils.getExtension(file.getName()),null);return getResAccessUrl(storePath);}/*** 将一段字符串生成一个文件上传* @param content 文件内容* @param fileExtension* @return*/public String uploadFile(String content, String fileExtension) {byte[] buff = content.getBytes(Charset.forName("UTF-8"));ByteArrayInputStream stream = new ByteArrayInputStream(buff);StorePath storePath = storageClient.uploadFile(stream,buff.length, fileExtension,null);return getResAccessUrl(storePath);}// 封装图片完整URL地址private String getResAccessUrl(StorePath storePath) {String fileUrl = fdfsWebServer.getWebServerUrl() + storePath.getFullPath();return fileUrl;}/*** 下载文件* @param fileUrl 文件url* @return*/public byte[] download(String fileUrl) {String group = fileUrl.substring(0, fileUrl.indexOf("/"));String path = fileUrl.substring(fileUrl.indexOf("/") + 1);byte[] bytes = storageClient.downloadFile(group, path, new DownloadByteArray());return bytes;}/*** 删除文件* @param fileUrl 文件访问地址* @return*/public void deleteFile(String fileUrl) {if (StringUtils.isEmpty(fileUrl)) {return;}try {StorePath storePath = StorePath.praseFromUrl(fileUrl);storageClient.deleteFile(storePath.getGroup(), storePath.getPath());} catch (FdfsUnsupportStorePathException e) {e.getMessage();}}}
文件的上传、下载 与 访问获取的 token
import org.apache.commons.io.IOUtils;
import org.csource.common.MyException;
import org.csource.fastdfs.ProtoCommon;
import org.meng.project.common.FileUtil;
import org.meng.project.entity.Filesource;
import org.meng.project.service.ExcelService;
import org.meng.project.service.FileService;
import org.meng.project.util.FastDFSClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.time.Instant;
import java.util.*;import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;@Controller
@RequestMapping("/fdfs")
public class FastDFSController {@Autowiredprivate FastDFSClient fdfsClient;@Value("${fdfs.web-server-url}")private String fastdfsUrl;@Value("${fdfs.http.secret_key}")private String fastdfsToken;/*** 文件上传* @param file* @return* @throws Exception*/@RequestMapping("/upload/file")@ResponseBodypublic Map<String,Object> upload(@RequestParam("file") MultipartFile file, Model model) throws Exception{Map<String,Object> resultMap = new HashMap<>();String url = null;try {url = fdfsClient.uploadFile(file);resultMap.put("code", 200);resultMap.put("message", "上传成功");resultMap.put("url", url);System.out.println(url);} catch (Exception e) {// TODO: handle exceptionresultMap.put("status", 500);resultMap.put("message", "上传异常!");}return resultMap;}/*** 文件下载* @param fileUrl url 开头从组名开始* @param response* @throws Exception*/@RequestMapping(value="/download", method = {RequestMethod.GET})public void download(HttpServletResponse response, HttpServletRequest request) throws Exception{String fileUrl = request.getParameter("fileUrl");byte[] data = fdfsClient.download(fileUrl);response.setCharacterEncoding("UTF-8");response.setHeader("Content-disposition", "attachment;filename=" + URLEncoder.encode("test.jpg", "UTF-8"));// 写出ServletOutputStream outputStream = response.getOutputStream();IOUtils.write(data, outputStream);}/*** 生成访问链接*/@RequestMapping(value="/location", method = {RequestMethod.GET})public String location(HttpServletResponse response, HttpServletRequest request, Model model) {String fileUrl = request.getParameter("location");System.out.println(fileUrl);//tokenString token = fastdfsToken;String IP = fastdfsUrl;fileUrl = getToken(fileUrl,token,IP);model.addAttribute("Url", fileUrl);return "tools/uploadfile";}/*** 获取访问服务器的token,拼接到地址后面** @param fid 文件路径 group1/M00/00/00/wKgzgFnkTPyAIAUGAAEoRmXZPp876.jpeg* @param secret_key 密钥* @return 返回token,如: token=078d370098b03e9020b82c829c205e1f&ts=1508141521*/public static String getToken(String fid, String secret_key, String IP){String substring = fid.substring(fid.indexOf("/")+1);//unix时间戳 以秒为单位int ts = (int) (System.currentTimeMillis() / 1000);String token=new String();try {token= ProtoCommon.getToken(substring, ts, secret_key);} catch (UnsupportedEncodingException e) {e.printStackTrace();} catch (NoSuchAlgorithmException e) {e.printStackTrace();} catch (MyException e) {e.printStackTrace();}StringBuilder sb = new StringBuilder();sb.append(IP);sb.append(fid);sb.append("?token=").append(token);sb.append("&ts=").append(ts);//System.out.println(sb.toString());return sb.toString();}
}
效果
1、上传
2、下载
3、获取访问链接:
访问效果图:
原文章地址:
https://blog.csdn.net/W_Meng_H/article/details/85402879