I am using AWS dynamodb to store users data. Now I want to add profile images, images can be uploaded by users. Initially I thought of using S3 but after calculating price I decided to use own server for images and dynamodb to store user data.
For simplicity, lets say my user data at AWS dynamo looks like this:
{
name:"Tom",
profile_img:"https://myserver.com/a/b/c/d/4rwffdsg344322fe.png"
}
During profile creation or update stage I have uploaded images to my server and updated profile_image url to dynamodb.
My question is what is that best approach to secure images?
Related
I want to create an API in the Strapi. When this API hits, it will fetch data from another API service and store the strap as well. Later when I use this Strapi API I will use the previously retrieved data.
I found a documentation about external data, but the example here is hard to fully understand
https://docs.strapi.io/developer-docs/latest/guides/external-data.html
This is how you can do that in a Strapi.
Create a new model to store external API then add a new controller with those steps:
Check if requested data is present in database (using an unique ID or any way to identify the data for example)
If data exists, return it
If not, use 'axios' (installed with Strapi) or 'request' to fetch the external API
Store the fetched data
Return the fetched data
I am trying to obtain the amazon connect ID, if existing, that is related to an email using the aws sdk for node.js
Reading the following sdk:
https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Connect.html
or this one:
https://docs.aws.amazon.com/connect/latest/APIReference/API_DescribeUser.html
The closest thing I can see is describeUser, but that one requires the amazon connect id to retrieve the user data.
There are endpoints for search, but they dont seem to search users. It seems the only way is to get the entire user list via listUsers
Am I correct or is there a way to obtain a single user, given their email?
AWS doesnt offer this functionality, best that can do is get the full list of users then query the user data for each id to obtain the emails and finally filter them yourself.
I have written an API to read user posts after the token is passed in the header. API returns many posts at a time with the nested attachment name for images or videos etc. Currently, all attachments are stored in a server folder directory. Attachments is displayed by another API which accept attachment name as a parameter and return attachment url.
Now I want to move on AWS S3 bucket with the same concept with presigned URL.
API is being used on the flutter app.
I created a API which accept user auth token and return upload presigned URL for s3 bucket.
For displaying attachments i am thinking two option.
Create a another API which accept attachment name(object key name) and will return presigned URL of that attachment.
Post API return json data after replacing all attachment name with presigned URL. But this will take too long for nested json data by looping.
I am new in AWS s3 bucket. Please guide what will be the best way to handle this.
How facebook, twitter, instagram handle private files.
The best option I see is returning the post data with already generated pre-signed url.
Having a separate api for generating the presigned url would mean
the system will need to authorize the input anyway (if the user is authorized to access the particular object)
the user has to wait anyway until the signed links are generared, just with additional call
this will take too long for nested json data by looping
Not really, generating the presigned url makes no backend / S3 calls, it's just a bunch of HMAC computations. But, as already mentioned, these need to be done regardless which option is chosen
So I'm currently building an app. User would have the possibility to upload image. The image they upload should only be visible by them. So I'm wondering how I can achieve this considering the image is available through a URL.
Actually what I was thinking was, in order to get the picture, the user should do a REST API request and the api would return the image data if the user has the correct permission.
The frontend of my app is in React and the backend (Rest api) in nodeJS.
Edit: Actually the image are store on AWS S3 (this can change if needed)
Thanks !
The best option to allow only authorized users to fetch an image is S3 Presigned URL You can refer to the article, it thoroughly describes how to implement S3 Presigned URL. Another code example with Node JS. If you code in another language just google it "AWS S3 Presigned URL" and you will find it.
I see how to upload to Amazon S3 (from the client) and I see how to make requests to update a dynamoDB (from the client) but how do I upload a file to S3 such that I get a response back with "business logic" information?
For instance, I want to upload a photo to a uploadPhoto endpoint that will return to me the photoID of the photo in my dynamoDB model.
Yes I can upload a file to S3 and have it 'notify' Lambda but then its too late, S3 has already returned a response, Lambda can't send another response back to the client.
Its clear I shouldn't upload a file to Lambda.
So there is the API Gateway, its not clear that its a 'good idea' to upload files to API Gateway...
We just went through a similar scenario and unfortunately I think it comes down to 2 choices:
Use multiple requests - Client calls lambda to get presigned url, client uploads file directly to s3, then client calls back to lambda, lets it know the file has been uploaded and gets a response with all the business logic
One request - Create a service(likely on ec2) that sits in front of s3, so your client uploads directly to your service, your service then uploads to s3, does the business logic, and then sends the response back to the client. Definitely less work on the client but you get charged for twice as much bandwidth because you are uploading it twice.
We implemented #1 and it wasn't too hard. In our case the client is an Angular app so to the user it looks like one request but behind the scenes the app is making several calls.