参考chatgpt的答案，需要安装 ngx_http_auth_request_module，配置如下：

server {
    listen 80;
    server_name example.com;

    location /download {
        auth_request /auth;
        root /path/to/files;
        try_files $uri =404;
    }

    location = /auth {
        proxy_pass http://127.0.0.1:8080/auth;
        proxy_pass_request_body off;
        proxy_set_header Content-Length "";
        proxy_set_header X-Original-URI $request_uri;
    }
}

You would need to implement the /auth endpoint in your application to validate the token and authorize access to the file. If the token is valid, the application should return a 200 OK response to Nginx. Otherwise, it should return a 401 Unauthorized or 403 Forbidden response.

参考文章：

1. nginx ngx_http_auth_request_module 模块鉴权
2. php 结合 nginx 实现文件鉴权后下载