W
Wasp11mo ago
Dimitrios Mastrogiannis

file download from s3

Hey! I am building a platform with file upload. i used the open saas guide for file upload. what's the best way to ensure file download, aws only supports a presigned url for a max of 7 days. what should i do?
17 Replies
Vinny (@Wasp)
Vinny (@Wasp)11mo ago
you can just get a new url for each download that's the logic used in the example. each time download is clicked, a new presigned URL is generated what kind of file are you trying to downlaod @Dimitrios Mastrogiannis ?
martinsos
martinsos11mo ago
What @Vinny (@Wasp) said! Just to add: if you want anybody to be able to download a file, meaning it is public, I beleive you can even get a permanent url from S3 (AWS). On the other hand, if you are producing signed download URLs in order to limit access to who can download, then those last only 7 days because the idea is that if they leak or something, somebody else don't gain access, so yeah, you have to generate fresh ones. If you give us a bit more info about the whole situation, maybe we can give some extra advice.
Vinny (@Wasp)
Vinny (@Wasp)11mo ago
exactly. also, in the current Open SaaS code, the URLs expire after 30 seconds but you can change that: 
export const getDownloadFileSignedURLFromS3 = ({ key }: { key: string }) => {
  const s3Params = {
    Bucket: process.env.AWS_S3_FILES_BUCKET,
    Key: key,
    Expires: 30, // <----
  };
  return s3Client.getSignedUrl("getObject", s3Params);
}
export const getDownloadFileSignedURLFromS3 = ({ key }: { key: string }) => {
  const s3Params = {
    Bucket: process.env.AWS_S3_FILES_BUCKET,
    Key: key,
    Expires: 30, // <----
  };
  return s3Client.getSignedUrl("getObject", s3Params);
}
martinsos
martinsos11mo ago
Oh wow that is fast! Is that some recommended default? Sounds very short hm. It is not 30 minutes maybe?
Vinny (@Wasp)
Vinny (@Wasp)11mo ago
in the current implementation the link is opened directly after generating so a new download link is generated each time do you think it's best to increase it @martinsos? i geuss I should at least increase it in case response time from the server is slow
martinsos
martinsos11mo ago
Ha no idea @Vinny (@Wasp) ! Yeah, I think I would make it a bit longer, you are right, if server is a bit slow, or a person is slow to click, it is a bit short.
Dimitrios Mastrogiannis
Dimitrios MastrogiannisOP11mo ago
my case study is that i am building a platform where people are able to upload their projects together with files, and then those files should be accesible by other users
Vinny (@Wasp)
Vinny (@Wasp)11mo ago
well if those other users are always accessing the files via your app, then your app will always presign the urls and therefore it shouldn't be an issue, i.e. they don't need to be publicly accessible. if you want to be able to send any user a link, via email or something, for example, then you have to go the public link route
Dimitrios Mastrogiannis
Dimitrios MastrogiannisOP11mo ago
Gotcha! i will try and use this logic then
Vinny (@Wasp)
Vinny (@Wasp)11mo ago
ok cool! let me know how it goes like Martin said, maybe just increase the Expires property to 120 or something a bit longer
Dimitrios Mastrogiannis
Dimitrios MastrogiannisOP11mo ago
Thanks a lot! I appreciate it, i found out about wasp a month ago, and I am doing things i never expected
Vinny (@Wasp)
Vinny (@Wasp)11mo ago
haha that's great to hear. that's the idea!
Dimitrios Mastrogiannis
Dimitrios MastrogiannisOP11mo ago
what if i want the users to be able to download files even days later?would a new url be created then?
Vinny (@Wasp)
Vinny (@Wasp)11mo ago
yep
Dimitrios Mastrogiannis
Dimitrios MastrogiannisOP11mo ago
Perfect! thanks so much
MEE6
MEE611mo ago
Wohooo @Dimitrios Mastrogiannis, you just became a Waspeteer level 3!
martinsos
martinsos11mo ago
@Dimitrios Mastrogiannis I was implementing something similar years ago -> not in Wasp, but in React + S3, and it is exactly the same thing. I don't have that code any more, but the main idea was that if I want to show them files, like list them, then I would obtain that information from S3 and show them the names of the files/folders. I think I would obtain that info on the server and then return it to the client (so a Query). Only once they want to download a specific file, would I obtain a presigned URL and give it to them, to use it to download that file. If you wanted that URL to last longer -> well, you could I guess put Expires to lnoger time, as @Vinny (@Wasp) said, I am not sure what is the limit on it though, what is the maximum time. But if that time expires, then yeah, you could have them ask again. I am guessing what you want to do is have user share a link with other user, let's say via email, and that link to stay valid for long time or forever. If so, what you can do, is have them share a link that is not a S3 presigned URL -> instead you share a link to a route in your Wasp app (probably on client), for example https://myapp.com/downloadFile/fileId where fileId is something that will allow you to know which file they want -> so once they come there, your logic will based on fileId obtain a new download URL from S3 and give them that (maybe immediatelly, maybe once they click download, or maybe after you authenticated them and verified they are indeed that user, ...). So you have a lot of freedom really to control this experience for them, and you should look at the presigned URLs from S3 as just a final step in the process, kind of like telling S3 "ok this person now really wants to donwload this, let's do it".
Want results from more Discord servers?
Add your server