how to secure member photos for high-traffic website

On a actual project (dating site) i have the following scenario:

Member can upload photos (main profile) and create albums and assign photos to it. Now the member can choose only to allow registered members, premium members or members in his favorites to access the album.

The easiest solution is to hide the album, but if someone who has access post the src url to the photo it would be accessible to everyone who has the url.

I see flickr and facebook secure them in a good way, but how i can implement that without to need to query many times the DB and replicate the user auth/session. The photos will be stored on a own server (varnish/nginx).

Has anyone a idea how this can be done in开发者_如何转开发 mind of high traffic and to use less resources as possible?

The solutions needs to can handle the actual 20m members and around 30m photos.

Well, one possibility would be to run something like Lighttpd's mod_secdownload.

Basically you set a "secret" string in the configuration section. Then when you generate the links, instead of making a link to the resource, it's a temporal link (so it's only valid for $x number of seconds). That way the user needs to visit the page again (and hence pass access control again) before being allowed to view that image...

Apache has a similar module: mod_auth_token...

The best solution is to store the image outside the web accessible part of your server. Then, instead of referencing the photo directly, you would reference a php page pointing to the image as so:

http://www.example.com/image.php?imageid=1234567

Then in your php script, you can check if the logged in user has access to the photo, and if so, you stream the image out to the user in the response.

As an idea...

You could create a mapping table where you "prepare" the access permissions for pairs user->photo based on favorites, friends etc.

Then you return the images based on these permissions but cached per user. This will lower the stress on your servers but there will be some delay in applying restrictions due to cache timeouts.