Which is the way to go If I want to serve files for download with meteor but I want to restrict the access to the files. The service I want to create may resemble owncloud or google drive or dropbox …
Carrying out my research I didn’t find a proper answer. However here are my findings.
(Unfortunately there are hundreds of posts for uploading but not for serving (downloading))
Not possible to restrict access to these files.
Over DDP I can serve files as base64 strings and I can restrict the access very easily. However the drawbacks are that DDP isn’t designed for serving big files and the files cannot be cached by the server.
Explained here: Send PDP from server to client
So this is only for a quick and dirty solution but not satisfying.
CDN like S3:
I can use a CDN like S3 where I can set an expiration policy for S3 ressources but after the expiration I will receive a new url which means that the file cannot be cached by the browser either. Further more I think expiration isn’t an appropriate solution as i want to check the permissions on every request.
Example here: make url link to other url
HTTP Response with picker:
IMHO files are served ideally over http(s). Is meteorhacks/picker the only good solution to serve files over http?
Am I missing out on something?
Or are my findings wrong?
Is there another way to use S3 for servig and restricting file access?
Are there any other solutions (packages) for serving files over http?
Could Meteor-Files be a solution?
Would be curious about any feedback or shared experience