vCDN supports different levels of access:
For example, you can create a separate account to work with files only or with access to statistics only.
The API has a tree-like structure: /class/action (or /class/action/specific in some cases) - for
limited logins you can deny/allow access to the branch as a whole or to its single element.
A more specific rule has priority - you can deny access to /file/delete, even if access to
the /file/ branch is allowed.
Currently, two authentication methods are supported:
Regular plain HTTP authentication. You can request the API directly in browser (for example, read the documentation for a specific call).
In scripts, you can use URLs like http://login:password@cp.ahcdn.com/ (if traffic interception
is a cause of concern, it is recommended to use https, but you can use http to decrease the delay).
Or, you can use special options or environment variables to specify the login/password for the
appropriate utilities (wget, curl, ..)
Or you can generate Authentication HTTP-header and transmit it while executing an API-
request:
# LOGIN=customer-role # PASS=qwerty # AUTH=`echo -n "$LOGIN:$PASS" | base64 -e` # wget -O - --header='Accept-Encoding: *,gzip' --header="Authorization: Basic $AUTH" 'https://cp.ahcdn.com/api2/file/list'
The token is sent as a GET or POST request parameter to the API query.
After verification, it is stored (saved to the cache) and next queries using it will be rejected.
OTP has the following form:
LOGIN:EXPIRE:SALT:AUTH
http://cp.ahcdn.com/api2/file/list?otp=login:1234567890:saltsalt:4e75803b98d555c986f2752fcb11d317&format=text&fields=id,status&filter_full_name=1/2/345.flv
<?php
function api_otp() {
$LOGIN = 'login';
$PASSWORD = 'password';
$EXPIRE = time() + 300;
$rnd_str = '';
for ($i=1; $i<=6; $i++) {
$rnd_str = $rnd_str . chr(rand(0,255));
}
$SALT = strtr(base64_encode($rnd_str), '/', ',');
$AUTH = md5("$EXPIRE:$SALT:$PASSWORD");
return "$LOGIN:$EXPIRE:$SALT:$AUTH";
}
?>