I am planning to build a photo sharing website. The back-end services are split into 2 parts: metadata and storage. When a client uploads a photo to storage server, the storage server return a upload resource token, and the client then proceed to register this resource with metadata server.
My question is, how do I prevent network failure or malicious attacker? Say, if my metadata server is down for some time, the client cannot register metadata after uploading with storage server. So my metadata server has no idea some of uploads are unused in storage server. Or, an attacker decides to flood a lot of uploads to my storage server, but never register them to my metadata server.
How do I prune un-registered uploads from my storage server? How does google photo prevent this?(they use metadata server and storage server as well) Do I have to wait my metadata server to confirm the registration before making the next uploads? Isn't it bogging down the performance?
PS: I plan to use Spring MVC for both services.
