On Sat, Jun 20, 2009 at 6:01 PM, John Clancy<[email protected]> wrote: > > I've set up attachment_fu to save photos for my rails application to > amazon s3. All works great but now I'd like to add some privacy to > this. > > So, if one of my users downloads a photo it is only viewable by that > user. > > One idea is to use the uuid_primary_key function to pseudo-randomize the > pictures. > > That is, the general public would have to guess the uuid_primary_key to > steal the photos. > > But, this is not completely safe and private. > > Does anyone have any other ideas? Or should I view uuid_primary_key as > safe enough?
Amazon have a system where you can set a private url that expires after a short time. The expiry is encoded into the url so it can't be changed. Attachment_fu supports it with something like: file.authenticated_s3_url(:thumb, :expires_in => 5.minutes.to_i) Andrew Timberlake http://ramblingsonrails.com http://MyMvelope.com - The SIMPLE way to manage your savings --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
