So I’ve got a webapp that stores something, lets say photos.
The photos are currently stored on my webserver’s filesystem via
attachment_fu. Users can upload photos fine, they get stored fine,
and I can display them fine. I jiggered attachment_fu to use custom
path/filenames based on the ID of the photo, I’m storing them some
place like /public/photos/123.jpg
So far so good.
I have a ‘view’ section of the photo controller, along with a view
that shows the photo itself along with all the associated information
on it…owner, date, whatever. Users must be logged in to the site to
view photos, so there is a before_filter that tests that. Great.
Of course nothing prevents anyone on the Intarwebs from typing
www.insecurephotos.com/photos/123.jpg in to their browser and having
the webserver serve the file up directly. Big problem.
How do I solve this? Here are some ideas I am throwing around…
- move the storage to outside rails_root and use send_file to stream
it directly from the file. (Yucky!)
- move the storage to the db and stream from there (Ugh, Puke!)
- move the storage to Amazon S3. I don’t know enough about this.
Does S3 expose the item to the internet as a url? Can I stream the
photo from S3 into rails, and then from rails to the user? There MUST
not be a publicly available URL to the photo.
Any other ideas?