I’ve used edgee:slingshot before - probably back around 2015… It was fantastic!
Fast forward to now and I have a requirement to handle uploads again.
That package hasn’t been updated since 2016.
I don’t want to get caught out with a package which might fail with a future Meteor updates.
Does anyone know if it is still maintained? Perhaps are there better ways to handle uploads in 2021?
Do you use signed URLs to access the uploaded files to S3 - or just the direct bucket URL?
In my previous usage of slingshot the files being uploaded were not private, but in my current project this would be ideal.
I am looking into the AWS documentation, don’t think it should matter either way (slingshot or meteor files). Just wondering if anyone has successfully implemented it
We ended up rolling our own version of slingshot specifically for AWS to support multi part uploads (and by extension retries) but we needed support for > 5gb uploads. Implementing the signing is not trivial and AWS’ documentation on this isn’t great (the case of the variable names is critical and not always documented correctly) and it’s not always the incorrect request that fails, but the final “complete” request.
We then use either CloudFront to connect with signed policy cookies (more efficient than directly signing each url) or custom per session temporary credentials for direct s3 access (CloudFront doesn’t support encrypted s3 objects sadly). The url signing is pretty easy.
We currently use slingshot for client side uploads and it do have private uploads, you can just set the param per directive. Then we just get signed urls from the server after validating that user has permission to access the file.