I'm looking to establish a file storage solution on my office's computer. My goal is to be able to upload and retrieve files from anywhere using a secure token. I want to essentially transform my office computer into something akin to Google Drive.
Here's the basic idea I have in mind:
1. I'd use a cloud server (like AWS) for temporary file storage, where I'd keep track of uploaded files, delete them after a set time (maybe 3 minutes), and limit uploads to a specific size (around 5 GB).
2. The office server would periodically check the cloud server for files to download and organize them based on a SQL server that maintains a table of contents with different levels, allowing for a structured file hierarchy.
3. As a second step, I'd like to implement a frontend server that lets users send files to the office storage and browse available files without exposing the entire computer.
I've built a prototype using FastAPI and MySQL, but I'm considering switching to Java Spring Boot since that's what my colleagues are familiar with. I'd love to know if there are simpler solutions or if I'm overcomplicating things with my current approach.
2 Answers
If it’s just for personal use, you might get away with the security issues. But it's worth looking into potential vulnerabilities, especially around unauthorized access and data leaks.
Have you thought about just using existing services like Google Drive, Dropbox, or even setting up NextCloud? These options are tried and true and could save you a lot of headaches.
We already use a paid Google Drive, but I was hoping for something more direct and customized without sacrificing ease of access and authentication. Maybe my idea isn’t the best after all.
Can you point out specific security flaws I should be aware of?