Google Storage - Django - How to provide access to video and image files based on Django User Authentication?

Question

I have Django App where users can login with either Email, Google or Facebook accounts. Each user has media files stored in Google Storage. When I make Google Cloud bucket publicly available, it works as expected yet is there a way to make each Google Storage object accessible to only particular user ? What is the best proper way to achieve this ?

Answer 1

As an alternative you can use your bucket as Cloud Storage FUSE drive, this solution allows to mount your bucket like directory on Linux.

With the FUSE drive you can implement access control from your application, like any other local resource, without any additional Google Library.

Answer 2

To allow access to a certain resource for a limited period of time, you need to sign the url: Signed Urls

Depending on your use case, there are multiple ways to do this:

1. If the files are owned and accessible by only one user you can save the files in the Google Cloud Storage Bucket within a path containing the userId (e.g: users/{userId}/images) and you allow only the user with userId to get a Signed Url for the required file.

2. If the files are accessible for certain users based on some logic, you can keep the files into a database table GoogleCloudStorageFile, create a Many-To-Many relation between GoogleCloudStorageFile and User and generate signed urls for a resource only if the user is linked to that file.