deny direct access to file on S3

后端 未结 1 1389
挽巷
挽巷 2021-01-12 14:19

I am building a django/s3 application with the following behaviour:

  1. User logs in
  2. User uploads a document -> document goes to S3 (eventually with a UID
相关标签:
1条回答
  • 2021-01-12 14:46

    Don't make your files public. This will prevent non-authorised users from accessing the files.

    Then in your Django app, you can generate urls with a querystring that allows an authorised user to access an S3 file for a limited time.

    The amazon docs for querystring request authentication have more information.

    0 讨论(0)
提交回复
热议问题