Fastdfs's author introduces the anti-theft chain using Fastdfs's built-in anti-theft chain function

Fastdfs built-in anti-theft chain using token way.
Tokens are time-sensitive and contain file IDs, timestamp ts, and keys.
Token is valid within the set time frame, for example, within 5 minutes.

Fastdfs in the URL with the current timestamp and the token with aging, the parameter names are TS and token respectively.
The algorithm for generating tokens is provided in the Fastdfs API, and tokens are inspected in the extension module.
Token generation and validation are on the server side, so there is no security issue.

Link Example: http://192.168.1.15:8080/group1/M01/01/01/wKgBD01c15nvKU1cAABAOeCdFS466570.c?token= b32cd06a53dea4376e43d71cc882f9cb&ts=1297930137

Several parameters related to the anti-theft chain in http.conf are as follows:
Http.anti_steal.check_token: Whether to do token check, default is False
Http.anti_steal.token_ttl:token TTL, which is the effective duration of token generation
Http.anti_steal.secret_key: Generate token Key, try to set it longer, never let go
Http.anti_steal.token_check_fail:token check failed, return the file contents, need to specify local file name

The configuration examples are as follows:
# If use tokens to Anti-steal
# default value is False (0)
Http.anti_steal.check_token=false

# token TTL (Time to live), seconds
# Default value is 600
http.anti_steal.token_ttl=900

# secret key to generate Anti-steal token
# This parameter must is set when Http.anti_steal.check_token set to True
# The length of the secret key should not exceed bytes
http.anti_steal.secret_key=fastdfs1234567890

# Return the content of the file when check token fail
# Default value is empty (no file sepecified)
Http.anti_steal.token_check_fail=/home/yuqing/fastdfs/conf/anti-steal.jpg

Http://bbs.chinaunix.net/thread-1916999-1-1.html