├── requirements.txt
├── config.ini
├── authentication.json
├── example-nginx.conf
├── README.md
└── rtmpauth.py


/requirements.txt:
--------------------------------------------------------------------------------
1 | ### pip requirements for nginx rtmp auth script
2 | configparser
3 | aiohttp
4 | 


--------------------------------------------------------------------------------
/config.ini:
--------------------------------------------------------------------------------
1 | [main]
2 | bind_to_ip = 127.0.0.1
3 | bind_to_port = 88
4 | authentication_file = authentication.json
5 | log_to_file = auth.log
6 | 


--------------------------------------------------------------------------------
/authentication.json:
--------------------------------------------------------------------------------
1 | {
2 |   "encoder":["test_12121212", "averysecretstreamkey", "literally-unhackable"],
3 |   "streamerpush":["password"]
4 | }
5 | 


--------------------------------------------------------------------------------
/example-nginx.conf:
--------------------------------------------------------------------------------
 1 | rtmp {
 2 |     server {
 3 |             listen 1935;
 4 |             chunk_size 4096;
 5 |             ping_timeout 60s;
 6 | 
 7 |             application encoder {
 8 |                     live on;
 9 |                     record off;
10 |                     on_publish http://127.0.0.1:88/auth/; # Any application which you want to enable authentication on, paste this line to.
11 |             }
12 |             application streamerpush { # You can use the stream key system to manage stream keys yourself and distribute unique keys to guest streamers
13 |                     live on;
14 |                     record off;
15 |                     on_publish http://127.0.0.1:88/auth/;
16 |                     push rtmp://live-lax.twitch.tv/app/STREAMKEY;
17 |             }
18 |             application test {
19 |                     live on;
20 |                     record off;
21 |             }
22 |     }
23 | }
24 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # nginx-rtmp-auth
 2 | A Python script that allows you to authenticate RTMP publishers in nginx-rtmp-module.
 3 | 
 4 | ## Usage:
 5 | - Build NGINX with nginx-rtmp-module and see [the example conf](/example-nginx.conf) for how to setup authentication with the script.
 6 | - Install dependencies: `pip3 install -r requirements.txt`
 7 | - Edit [config.ini](/config.ini) with general settings, then edit [authentication.json](/authentication.json) with your applications and stream names (also called stream keys)
 8 | - Run with `sudo python3 rtmpauth.py` (sudo not needed if you are using a port number over 1000)
 9 | 
10 | ## Getting Help:
11 | If you need help, just open a new issue and describe with as much detail as possible the issue you are having. We will get back to you as soon as possible.
12 | 
13 | ## IRLTookit Links
14 | 
15 | - https://twitter.com/IRLToolkit
16 | - https://irltoolkit.com/discord
17 | - https://irltoolkit.com
18 | 


--------------------------------------------------------------------------------
/rtmpauth.py:
--------------------------------------------------------------------------------
 1 | import logging
 2 | from aiohttp import web
 3 | import sys
 4 | import json
 5 | from configparser import ConfigParser
 6 | 
 7 | configfile = 'config.ini'
 8 | config = ConfigParser()
 9 | config.read(configfile)
10 | hostName = config.get('main', 'bind_to_ip')
11 | hostPort = config.getint('main', 'bind_to_port')
12 | authfile = config.get('main', 'authentication_file')
13 | logfile = config.get('main', 'log_to_file')
14 | logging.basicConfig(level=logging.INFO, handlers=[logging.FileHandler(logfile), logging.StreamHandler()])
15 | 
16 | def read_auth():
17 |     with open(authfile) as json_file:
18 |         try:
19 |             data = json.load(json_file)
20 |         except json.JSONDecodeError:
21 |             logging.error('Could not decode JSON authentication file! Exiting...')
22 |             sys.exit()
23 |         return data
24 | 
25 | async def authhandle(request):
26 |     ipaddress = request.remote
27 |     logging.info('--------------------')
28 |     logging.info('Recieved new auth request from IP: ' + str(ipaddress))
29 |     authtable = read_auth()
30 |     body = await request.post()
31 |     if 'app' in body.keys() and body['app'] in authtable.keys():
32 |         if body['name'] in authtable[body['app']]:
33 |             logging.info('Publish authenticated. (App: {}, Streamname {})'.format(body['app'], body['name']))
34 |             return web.Response(status=200)
35 |         else:
36 |             logging.warning('Publish failed to authenticate. (App: {}, Streamname {})'.format(body['app'], body['name']))
37 |             return web.Response(status=401)
38 |     return web.Response(status=404)
39 | 
40 | app = web.Application()
41 | app.add_routes([web.post('/auth/', authhandle)])
42 | web.run_app(app, host=hostName, port=hostPort)
43 | 


--------------------------------------------------------------------------------