Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to generate presigned S3 urls using django-storages?

Tags:

django

boto3

python-django-storages

I have a Django form which saves a file to s3 through the django-storages library and works fine. How can I generate and return a pre-signed url so the user can access the file temporarily after it is uploaded ? Is this abstracted by django-storages or do I have to use the boto3 api?

I have spent hours going through the Django-storages documentation however it is not very clear how to do this ..

form.py

class DocumentForm(forms.Form):
    docfile = forms.FileField(
        label='Select a file',
        help_text='max. 42 megabytes'
    )
   name = models.CharField(max_length=20)
   uploaded_at = models.DateTimeField(auto_now_add=True)

views.py

def upload_file(request):
   if request.method == 'POST:
      form = DocumentForm(request.POST)
      if form.is_valid():
         form.save()
         url = #generate pre-signed url of uploaded file here
         return render(request, 'upload_response.html', url)
like image 466
chaudim Avatar asked Oct 04 '20 09:10

chaudim

People also ask

What is Presigned S3 URL?

A user who does not have AWS credentials or permission to access an S3 object can be granted temporary access by using a presigned URL. A presigned URL is generated by an AWS user who has access to the object. The generated URL is then given to the unauthorized user.

How do I upload a Presigned URL?

When you create a presigned URL, you must provide your security credentials and then specify a bucket name, an object key, an HTTP method (PUT for uploading objects), and an expiration date and time. The presigned URLs are valid only for the specified duration.

Is S3 Presigned URL safe?

Pre-signed URLs can be generated for an S3 object, allowing anyone who has the URL to retrieve the S3 object with an HTTP request. Not only is this more secure due to the custom nature of the URL, but the available options also allow you to set an expiration on the URL, the default being one hour.

2 Answers

Turns out you do not need to use boto3 to generate a presigned url. Django-storages abstracts the entire process. You can simply generate it as follows docfile.url.

--- Edit ----

For reference, here is the S3 storage class method that generates the pre-signed url for you https://github.com/jschneier/django-storages/blob/770332b598712da27ecdba75c9e202ad6a1a8722/storages/backends/s3boto3.py#L554

like image 182
chaudim Avatar answered Oct 17 '22 11:10

chaudim

Here is sample code for generating pre-signed url for object in S3

import boto3

client = boto3.client('s3')
response = client.generate_presigned_url('get_object',Params={'Bucket': bucket_name,
                                                              'Key': objectpath},
                                         HttpMethod="GET", ExpiresIn=expires_in)
like image 2
santosh Avatar answered Oct 17 '22 11:10

santosh
Sign in to Comment

Related questions

How to generate signed url in Django Rest for a file in google cloud storage?
Firebase (client-side vs server-side)
ModuleNotFoundError: No module named 'xxxdjango'
Pass Django SECRET_KEY in Environment Variable to Dockerized gunicorn
Creating a custom django logging handler. 'module' object has no attribute 'handlers'
How do I write a Django ORM query for the reverse relationship in a one-to-many relationship?
How to get the files uploaded in InMemoryUploadedFile django
ImportError: cannot import name _remove_dead_weakref in django virtualenv
Django-admin TypeError: __init__() got an unexpected keyword argument 'allow_abbrev'
Annotation in Django Admin
How to get the .env file into the remote host server
id is not present in validate() and ListSerializer's update() Django Rest Framework
Django Secret Key Compromised
Model with manyToMany InvalidCursorName in admin
Cant create CSV file with django although already copaste from the documentation
AWS Cognito for Django3 + DRF Authentication
How to open a project folder in Spyder IDE?
How to change the default zoom level of a map in Geodjango's admin?
How to continue executing celery queue after stopping Redis and then starting it later?
How to use custom YAML file as API documentation in Django REST Framework?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!