From 4c0255bb25f1f8f78cd1864f0bdc729056444a01 Mon Sep 17 00:00:00 2001
From: HoshinoKoji <hoshino_koji@163.com>
Date: Mon, 7 Oct 2024 23:42:22 +0800
Subject: [PATCH] Add download link expiration time

---
 src/download.js | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/download.js b/src/download.js
index a7d6aea..35549d2 100644
--- a/src/download.js
+++ b/src/download.js
@@ -14,11 +14,12 @@ export async function downloadDispatcher(request, env, ctx) {
     
     if (!signature && request.headers.get('x-access-token') !== adminSecret)
         return new Response(null, { status: 403, statusText: 'Forbidden' });
-    else {
-        const hash = await getHashString(`${key}${timestamp}${signatureBase}`, 'SHA-1');
-        if (signature !== hash)
-            return new Response(null, { status: 403, statusText: 'Forbidden' });
-    }
+
+    const hash = await getHashString(`${key}${timestamp}${signatureBase}`, 'SHA-1');
+    if (signature !== hash)
+        return new Response(null, { status: 403, statusText: 'Forbidden' });
+    if (Date.now() - Number(timestamp) > 1000 * 60 * 5) // 5 minutes
+        return new Response(null, { status: 403, statusText: 'Signature Expired' });
 
     try {
         const object = await bucket.get(key);