As I described in my introduction page I wanted to live stream output from my GoPro, but as I do not have thousands of followers on YouTube and I avoid Facebook like the plague it left me with few other easy and affordable options.
So I did it myself.
In this section of my nginx, rtmp, oauth live streaming server setup I describe the python app I put together to manage the streams, the user authentication and the web pages. It is a python app that uses flask as its web framework and relies upon Nextcloud as its OAuth server. It is not intended to be a standalone application that you can just download and run, but instead is a tutorial/template that you can use to design your own app.
I put it on Github too.
Section 3: Designing an application to glue it together
To glue all the components together nginx needs a little assistance from an application. The role of the application is to
- provide a web page that lists available streams
- control the user session information and validate the user decryption key requests against an OAuth server
- provide the URL endpoints that nginx will use to announce the start of a stream, the end of a stream
The application I slapped together is a simple python (version 3) app that uses Flask as its web framework and relies on redis for session management and OAuth for user authentication. The streams published to the app however do not require authorization. I figured anyone publishing a stream would end up with an encrypted stream that only my users could watch. Not too useful or annoying. Clear streams however I restrict to only internal publishers., not rando Internet people. Authorizing the publish point I will leave for someone else to worry about. Perhaps just add a secret token to the https URL.
From a previous post about the nginx config I showed the encrypted publish endpoint, /live, doing three things with the python application:
- Tell the python app that a new stream has started via “on_publish http://127.0.0.1:8000/start_stream;”
- Prepare to tell the python app when a stream stops via “on_publish_done http://127.0.0.1:8000/stop_stream;”
- Validate the user access to the decryption key using the http://127.0.0.1:8000/authorize_key URL.
All told, the application API includes these endpoints as well as some to simply manage the stream lists, log the user in and out via OAuth and a few housekeeping URLs:
- Introduction: What this project is about
- Section 1: The nginx config and how it controls access
- Section 2: Dealing with the missing nginx pieces
- Section 3: Designing an application to glue it together <== YOU ARE HERE
- Section 4: Integrating OAuth authentication using Nextcloud (Coming Soon)
- Section 5: Session storage with Redis (cool Enterprise scaling option) (Coming Soon)
- Section 6: Streaming with my GoPro or with ffmpeg (Coming Soon)
In the next section I will discuss my OAuth server setup, including the code in the python app and the Nextcloud server config.