Niels

Reputation: 1603

Secure access of webassets with Flask and AWS S3

I am trying to serve files securely (images in this case) to my users. I would like to do this using Flask and preferably Amazon S3; however, I would be open to another cloud storage solution if required.

I have managed to get my Flask static files, like CSS and such, on S3; however, this is all non-secure, so everyone who has the link can open the static files. This is obviously not what I want for secure content. I can't seem to figure out how I can make a file available to just the authenticated user that 'owns' the file.

For example: when I log into my Dropbox account and copy a random file's download link, then go over to another computer and use this link, it will deny me access, even though I am still logged in and the download link is available to the user on the latter PC.

Upvotes: 0

Views: 984

Answers (1)

Charles Engelke

Reputation: 5649

Make the request to your Flask application, which will authenticate the user and then issue a redirect to the S3 object. The trick is that the redirect should be to a signed temporary URL that expires in a minute or so, so it can't be saved and used later or by others.

You can use the boto.s3.key.generate_url function in your Flask app to create the temporary URL.

Upvotes: 1
