I have a Django project which is currently protecting media files by using a view which checks user permissions before using sendfile to serve the media (which is hosted on my webserver) via nginx.

I want to move the media to AWS (from my webserver) but if I do that, how do I continue to protect access to the files via Django?

The only options I've seen so far have been to get Django to check the permissions, then download the file and serve it to the user but that's not ideal and it's why I'm using sendfile in the first place!

Is there a way to use sendfile to serve AWS files maybe?

I've also read about AWS presigned URLs but, whilst they do have an expiry date, surely that URL could (before it expires) be available to users that shouldn't be able to see the file?

bodger
  • Set your bucket to private and give/generate an access key only to people who have the right to. – iklinac Jun 24 '20 at 11:16
  • @iklinac But doesn't that mean that the URL that is generated and given to the user will also work for anyone else that has it? i.e. if they send it to someone else, it will work for them too? – bodger Jun 24 '20 at 13:45
  • What difference does it make? If someone has access to the file he can share it anyway. Also, all generated access signatures have an expiry time. – iklinac Jun 24 '20 at 13:48
  • This isn't the case at the moment - the file is served by nginx and is protected by Django code that restricts access to those who are logged in. So if someone gives out the link, they won't be able to see the file unless they too are logged in. – bodger Jun 24 '20 at 13:52
  • They can give the file; as I said, there is not much difference, a step more or less. In this case the link would be accessible for x number of seconds. – iklinac Jun 24 '20 at 13:54
  • Fair enough. I was just wondering if there was any way of actually protecting the AWS URL in the same way I do with my own URLs. – bodger Jun 24 '20 at 13:57
  • I am facing the same problem, @bodger did you get any solution to it? – Tasawer Nawaz Feb 09 '23 at 06:33

0 Answers