Access to Private files on Amazon S3 with RAILS

Question

I would like to allow users of my website see a special "Image/Video/HTML" but only if they login through facebook connect on my Rails site...

I would like to use Amazon S3 to store the media.. My question is how do I give limited access to my users only if they are logged in? Once they have the URL of the "Image/Video/HTML" I would not like them to be able to access it unless they are logged in with facebook on my site..

Also, will I be able to continue this kind of private site if I want to use Amazon Cloudfront?

This is a starting point for whitelisting only my domain... but I want to make sure the user is logged in through fb connect in order to serve them the appropriate resource...

https://gist.github.com/3716433

score 2 · Accepted Answer · edited May 23 '17 at 12:20

2

I think this depends on how you're including S3 assets in your app. Here are instructions if you're using paperclip:

https://github.com/thoughtbot/paperclip/wiki/Restricting-Access-to-Objects-Stored-on-Amazon-S3

Here's another question that deals with this issue using the aws-sdk gem:

How to store data in S3 and allow user access in a secure way with rails API / iOS client?

edited May 23 '17 at 12:20

Community

1
1

answered Oct 21 '12 at 17:56

Dreyfuzz

486
2
13

Thanks! this looks promising.. any idea if i begin using Cloudfront after S3? – sambehera Oct 21 '12 at 18:45
Don't want to speak to that as I've never used Cloudfront. Sorry! – Dreyfuzz Oct 23 '12 at 18:59

Access to Private files on Amazon S3 with RAILS

1 Answers1