linux中srs 身份认证配置例子
用过很多免费的视频工具,从red5,crtmp到srs,总体来说srs还算比较完善的,比较稳定的。到止前为止,srs发布的稳定最新版srs 1.0r4 release,下面的测试都是根这个版本来进行的。
1,服务器说明
srs服务器 192.168.1.108
web服务器 192.168.1.208
2,srs文件配置目录/usr/local/srs/conf/
[root@localhostconf]# ll
total 136
-rw-r--r-- 1 root root 402 Jun 24 09:34 bandwidth.conf
-rw-r--r-- 1 root root 352 Jun 24 09:34 console.conf
-rw-r--r-- 1 root root 558 Jun 24 09:34 demo.19350.conf
-rw-r--r-- 1 root root 6045 Jun 24 09:34 demo.conf
-rw-r--r-- 1 root root 399 Jun 24 09:34 dvr.segment.conf
-rw-r--r-- 1 root root 335 Jun 24 09:34 dvr.session.conf
-rw-r--r-- 1 root root 359 Jun 24 09:34 edge.conf
-rw-r--r-- 1 root root 323 Jun 24 09:34 edge.token.traverse.conf
-rw-r--r-- 1 root root 995 Jun 24 09:34 ffmpeg.transcode.conf
-rw-r--r-- 1 root root 371 Jun 24 09:34 forward.master.conf
-rw-r--r-- 1 root root 333 Jun 24 09:34 forward.slave.conf
-rwxr-xr-x 1 root root 37388 Jun 24 09:34 full.conf
-rw-r--r-- 1 root root 366 Jun 24 09:34 hls.conf
-rw-r--r-- 1 root root 688 Jun 24 09:34 http.heartbeat.conf
-rw-r--r-- 1 root root 471 Jun 24 09:34 http.hls.conf
-rw-r--r-- 1 root root 874 Jun 24 09:34 http.hooks.callback.conf
-rw-r--r-- 1 root root 589 Jun 24 09:34 ingest.conf
-rw-r--r-- 1 root root 299 Jun 24 09:34 origin.conf
-rw-r--r-- 1 root root 294 Jun 24 09:34 realtime.conf
-rw-r--r-- 1 root root 225 Jun 24 09:34 rtmp.conf
-rw-r--r-- 1 root root 1005 Aug 16 19:22 srs.conf //这个是进程启动时默认调用的配置
-rw-r--r-- 1 root root 819 Jun 24 09:34 transcode2hls.audio.only.conf
首先,先赞一下srs的配置说明,非常的全面,所有的配置都有实例,看一下官方文档,然后在该目录下找配置文件,很方便。
3,srs的认证配置
vhost __defaultVhost__ {
。。。。。。。。。。。。。。。。。。。。。
http_hooks {
enabled on;
# on_connect http://192.168.1.208/checkuser.php;
# on_close http://192.168.1.208/checkuser.php;
on_publish http://192.168.1.208/checkuser.php;
# on_unpublish http://192.168.1.208/checkuser.php;
on_play http://192.168.1.208/checkuser.php;
# on_stop http://192.168.1.208/checkuser.php;
}
。。。。。。。。。。。。。。。。。。。。。。。。。
}
在vhost中加上http_hooks,在发布rtmp流之前就会先去校验checkuser.php,根checkuser.php的返回,在决定是否能发布rtmp流。注意哦,可以验证多个服务器哦,也就是说,on_publish后的连接,可以多个,用空格分隔,full.conf中有详细的说明。
4,checkuser.php文件是在web服务器208
class checkuser
{
private $host = '192.168.1.208';
private $user = "dba";
private $pass = "111111";
private $database = 'srs';
private $db ;
private $data ;
public function __construct(){
$param = file_get_contents("php://input"); //$info下一行注释的内容
//'{"action":"on_publish","client_id":111,"ip":"192.168.1.108","vhost":"__defaultVhost__","app":"live","stream":"23948523485?key=13799999999_VVVXAaANX"}';
$this->data=json_decode($param);
$this->error_l($param);
if(!emptyempty($this->data->action)){
$this->db = new ezSQL_mysql($this->user, $this->pass, $this->database, $this->host);
$this->db->query("set names utf8;");
$this->checkUser();
}else{
echo "1";
}
}
public function checkUser(){
if ( $this->data->action == "on_connect"){
echo "0";
}
else if ( $this->data->action == "on_close"){
echo "0";
}
else if ( $this->data->action == "on_publish"){
$arr_query = $this->convertUrlQuery($this->data->stream);
echo $arr_query;
}
else if ( $this->data->action == "on_unpublish"){
echo "0";
}
else if ( $this->data->action == "on_play"){
echo "0";
}
else if ( $this->data->action == "on_stop"){
echo "0";
}
else if ( $this->data->action == "on_dvr"){
echo "0";
}
else{
echo "1";
}
die;
}
public function convertUrlQuery($query)
{
$m = '/key=(.*)/i';
preg_match($m,$query,$match);
if(!emptyempty($match[1])){
$info = explode('_',$match[1]);
if(!emptyempty($info[0]) && !emptyempty($info[1])){
$result = $this->checkSrsLogin($info[0], $info[1]);
if(!emptyempty($result)){
return 0;
}else{
return 1;
}
}else{
return 1;
}
}else{
return 1;
}
}
public function checkSrsLogin ($account, $password)
{
if(emptyempty($account) || emptyempty($password)){
return false;
}
$sql = "select user_id from user ".
" where password = '" . $password . "' and mobile = " . $account;
$result = $this->db->get_row($sql);
return $result;
}
public function error_l($param){
$message = "\r\n" . 'params: ' . $param . "\r\n" . 'Return Time : ' . date('Y-m-d H:i:s') . "\r\n";
$message .= '-----------------------------------------------------------------------------------------------' . "\r\n";
$path = getcwd()."/srs.log";
error_log($message, 3, $path);
}
}
5,利用ffmpeg发布rtmp的视频流,在108服务器
ffmpeg -re -i "/root/test.flv" -vcodec copy -acodec copy -f flv rtmp://192.168.1.108/live/23948523485?key=13799999999_VVVXAANX
rtmp流,为什么是这样形势呢。这是从full.conf文档中找到的,以下是full.conf文件中的部分内空
# when client connect to vhost/app, call the hook,
# the request in the POST data string is a object encode by json:
# {
# "action": "on_connect",
# "client_id": 1985,
# "ip": "192.168.1.10", "vhost": "video.test.com", "app": "live",
# "tcUrl": "rtmp://video.test.com/live?key=d2fa801d08e3f90ed1e1670e6e52651a", //看到了吧
# "pageUrl": "http://www.test.com/live.html"
# }
# if valid, the hook must return HTTP code 200(Stauts OK) and response
# an int value specifies the error code(0 corresponding to success):
# 0
# support multiple api hooks, format:
所以key后面的内容,就是要传递给checkuser.php的内容。
在这里要注意哦。key=xxxxx,这种形势是固定的哦,不支持key=xxxxxx&aaa=bbb。所以key后面,要传什么,要不要加密,自己决定了。
6,在208服务器看一下,srs.log信息