S3 upload should not be view able outside the application

31 views Asked by At

I have an application where users can upload their documents. The problem is if I copy the url of a document I am able to view that document from any other browser and I need not to login or even open my application in browser. I want to set S3 so that only my application's users should be able to view the documents and these user should also be logged in.

1

There are 1 answers

0
Sathishkumar Jayaraj On

Do the following in your uploader file,

storage :fog
def initialize(*)
    super
    self.fog_credentials = {
      :provider               => 'AWS',              # required
      :aws_access_key_id      => 'your_access_key',     # required
      :aws_secret_access_key  => 'your_secret_key',    # required
    }
    self.fog_directory = "your_directory"
    self.fog_public = false
    self.fog_authenticated_url_expiration = 300
  end

Now the generated url will gets expired within the specified duration. Also the url will be generated based on some token eveytime. Now you can restrict the user from generating the file url.