I'm trying to securely upload and retrieve images and videos from Amazon S3. I've learned that using presigned URLs is the way to go for uploads, but I'm unclear about how to use them for retrieval. What kind of URL should I store in my database? How do I manage situations like token expiration? I'm building a backend for both mobile and web, with features like user-uploaded products and possibly a story feature similar to Instagram. I'm currently using passport for local authentication and storing the bucket URL with the key in my database. Any advice would be appreciated!
2 Answers
For retrieving files from S3, presigned URLs actually work just like they do for uploads. You generate them for the files you want to allow users to access. Just keep in mind that they are time-limited, so storing them in your database isn't a good idea. Instead, generate the URL on the fly when someone requests it!
You really should consider using a CDN like CloudFront in front of your S3 bucket. This way, you can cache the files and avoid extra costs from frequent S3 access. Plus, it allows you to secure your access with signed URLs or cookies. Definitely look into that!
Great point! I hadn't thought of the cost benefits of using a CDN. I'll definitely explore that option.
So just to clarify, you're saying it wouldn't make sense to keep the presigned URL stored anywhere? That makes a lot of sense!