Serving files with PocketBase

541 Views Asked by Bekzhan Satarov At 21 October 2024 at 05:38

What I want is to restrict access to files for unauthorized user.

PocketBase documentation says I can retrieve the file URL and access files through it. The example URL for a file would be like this:

http://127.0.0.1:8090/api/files/example/kfzjt5oy8r34hvn/test_52iWbGinWd.png

I can prevent unauthorized users to get this URL, but authorized users can share URL with other one.

Any ideas?

Original Q&A

There are 1 best solutions below

Bekzhan Satarov On 22 January 2023 at 07:17

I found a good way to secure files with nginx, by adding an extra location for my PocketBase server block and using an extra backend with one endpoint.

So, my nginx looks like this:

server {
    listen 80;
    server_name example.com;
    location /api/files {
        proxy_intercept_errors on;
        error_page 404 = @fallback;
        proxy_pass http://127.0.0.1:5000;
    }
    location / {
        proxy_pass http://127.0.0.1:8090;
    }
    location @fallback {
        proxy_pass http://127.0.0.1:8090;
    }
}

Where my expressjs backend working on port :5000 checks JWT and responds with 404 if it is valid. Nginx will redirect to :8090 (PocketBase) if 404 returned on :5000.

Serving files with PocketBase

There are 1 best solutions below

Related Questions in REST

Related Questions in STORAGE

Related Questions in POCKETBASE

Trending Questions

Popular # Hahtags

Popular Questions