Wowza with Wordpress Authentication

In this short tutorial I'll show you how to set up your streams so that only users who log into your Wordpress site can view your streams. I am not too familiar with Wordpress, so there might be more elegant solutions, if you happen to have suggestions, please comment below the article.

Preparation on Wowza side

First copy the downloaded wrench-xxx.jar file and the JDBC driver jar file for your database under your Wowza installations lib directory. (Most probably this is http://dev.mysql.com/downloads/connector/j/5.0.html )

I don't want to go into all the details, so I assume you already have your streaming application set up in Wowza Streaming EngineĀ®. Now all you need to do is configure Wrench as a module in your application. You can do this by adding the below snippet to your applications config in Wowza's conf/myapplication/Application.xml file, where myapplication is the name of your application.

<Module> 
 <Module>
   <Name>User Authentication</Name>
   <Description>User Authentication</Description>
   <Class>com.streamtoolbox.Wrench</Class>
 </Module>
</Modules>

This enables Wrench, which also requires few properties to be set in this file:

<Properties>
  <Property><Name>wrench.db.driver</Name><Value>com.mysql.jdbc.Driver</Value></Property>
  <Property><Name>wrench.db.url</Name><Value>jdbc:mysql://localhost:3306/wordpressdatabase</Value></Property>
  <Property><Name>wrench.db.user</Name><Value>dbadmin</Value></Property>
  <Property><Name>wrench.db.pass</Name><Value>dbadminpassword</Value></Property>
  <Property><Name>wrench.encoder.token</Name><Value>ncoder</Value></Property>
  <Property><Name>wrench.token.url.parameter</Name><Value>token</Value></Property>
  <Property><Name>wrench.token.hashing</Name><Value>md5</Value></Property>
  <Property><Name>wrench.token.resolver.sql</Name><Value>select user as username,ip,ts as timestamp from wp_tokens where token=:hashedtoken</Value></Property>
</Properties>

Please specify the correct values, so Wrench will be able to connect to your Wordpress installation's database in order to check tokens.

Create a table for tokens

We need to create a table in our Wordpress database which will hold the dynamically generated tokens that Wrench uses to authenticate users:

CREATE TABLE wp_tokens (
   ID int(12) NOT NULL AUTO_INCREMENT,
   USER varchar(128) NOT NULL COMMENT 'User name',
   TS timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   IP varchar(64) NOT NULL,
   TOKEN varchar(128) NOT NULL COMMENT 'Hashed tokens',
   PRIMARY KEY (`ID`) 
)

Install PHP plugin into Wordpress

We need to dynamically insert tokens into our database which we'll do from our post by adding few lines of PHP code there. This can be achieved by installing the Allow PHP in Posts and Pages Wordpress plugin.

Now create a post which will hold your favourite player, like Flowplayer or JW Player or your links to your Wowza streams that can be opened by visitors using iPhones, iPads or Android devices.

Hi, this is my post and you can find the video stream below:

[php debug=1]
  global $wpdb;
  global $user_login;
  $token = uniqid();
  $hashedtoken = md5($token);
  $user = $user_login;
  $ip = $_SERVER['REMOTE_ADDR'];

  $wpdb->insert('wp_tokens', 
     array('user' => $user, 'token' => $hashedtoken, 'ip' => $ip),
     array('%s','%s','%s')
  );
  echo "<p><a href='http://myserver/mystreamingapp/streamName/playlist.m3u8?token=$token'>Watch my video</a></p>";
[/php]

Of course, you might want to be more sophisticated, do additional checks or instead of this direct link emit a <script> tag with javascript code that sets up your JW Player like this:

/* This assumes you have a div with cc id somewhere on your page */
jwplayer("cc").setup({ 
   flashplayer: "/player.swf",
   streamer: 'rtmp://myserver:1935/mystreamingapp?token=$token',
   file: streamName
});

Now after you have all this, if you only show this post to logged in users, then every time they open this post, a new row gets entered in your database. When the user opens the stream link or starts to play the stream, Wowza Wrench will look for the token in the new connection on Wowza's side. When the token is found, it tries to resolve it by running the above specified token resolver SQL query. If it returns valid user data, it allows access to the stream. If not, the connection is refused.

This can be used to prevent people from putting links to your stream from external sites, because they can only get a valid token by visiting your site.

This article does not cover all the details and features. Please read also the basic user authentication article and read about the details and other parameters in the Wrench reference. An overview of the authentication mechanism can be found here.

Feel free to add any comments or questions below.

Write new comment