Next.js 15 Signed URL 资源访问与过期治理实践

核心价值通过 HMAC 签名与过期时间控制静态资源访问，降低未授权分享风险。在 Edge 路由中高性能验证并安全代理到后端或 CDN。实现export const runtime = 'edge' const SECRET = 'super-secret' async function hmac(input: string) { const enc = new TextEncoder() const key = await crypto.subtle.importKey('raw', enc.encode(SECRET), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']) const mac = await crypto.subtle.sign('HMAC', key, enc.encode(input)) return btoa(String.fromCharCode(...new Uint8Array(mac))) } export async function GET(req: Request) { const url = new URL(req.url) const path = url.searchParams.get('path') || '' const exp = Number(url.searchParams.get('exp') || 0) const sig = url.searchParams.get('sig') || '' if (!path || !exp || !sig) return new Response('Forbidden', { status: 403 }) const now = Math.floor(Date.now() / 1000) if (now > exp) return new Response('Expired', { status: 403 }) const expected = await hmac(`${path}:${exp}`) if (sig !== expected) return new Response('Forbidden', { status: 403 }) const target = `https://cdn.example.com/${path}` const res = await fetch(target) if (!res.ok) return new Response('Not Found', { status: 404 }) return new Response(res.body, { headers: { 'Content-Type': res.headers.get('content-type') || 'application/octet-stream', 'Cache-Control': 'private, max-age=60', }, }) } 治理建议令牌仅覆盖资源路径与过期时间，避免包含敏感信息；令牌有效期应短且可撤销。对下载量大的资源结合 `Range` 支持与限速策略；并记录审计日志以便追踪。结论Signed URL 在静态资源场景下易于落地且高效，结合边缘验证可显著提升访问控制的安全性与可用性。