What is the best way to implement google cloud storage?

Question

I am using google cloud storage for content at server side like user's videos, images and profile picture. I have some doubt about what is the best practice to implement google cloud signed URL concept.

According to me

1st:- I can store an object name in database and generate a signed URL to get that content every time. But there are extra API call from client side.

2nd:- I can generate a signed URL at the time of uploading content and store it in database with long term expiry. So there are no extra API calls from client side.

But what about when URL expired. Please suggest me the best approach to implement it.

Answer 1

Signed URLs rely on expiration to provide security, so setting a very high expiration and storing the signed URL indefinitely will compromise this.

A good trade-off is to cache the signed URL somewhere (such as in a database) and only re-generate it after it expires instead of every time the client requests it.