Authentication for accessing files


#1

Hello,

I am trying to integrate Uppy into a website and am using Tus in conjunction with it in order to get resumable file uploads. I am currently using tusd as the server and am using its hooks feature in order to check against a SQL database to determine whether or not to accept the upload, among other things such as keeping track of which user uploaded a particular file by storing the upload ID in the database.

I was wondering if there was a way to perform these types of checks when accessing files on the endpoint, not just uploading. The reasoning behind wanting to do this is to prevent users who didn’t upload a particular file as well as logged out users from accessing other users’ potentially sensitive files.

One of the thoughts I had was to create a PHP script and use rewrites in Apache and use it to check if the user has rights to the file against the database before sending them to the file they are trying to access, although I’ve been having a hard time getting this to work properly, especially while still wanting to be compatible with file uploads, as I’m not sure as to how Uppy communicates with the tusd endpoint and if rewrites could potentially cause issues.

My question to you all is, what would be the best approach to implementing a solution that would allow me to limit access to files on the Tus endpoint? I’m curious as to whether or not any of you have attempted the same thing.

Thank you!


#2

Hello there, apologies for my delayed response. I hope I am still able to help you.

First of all, tusd is not engineered to be a downloading service. This can be seen in the facts that it has no functionality for caching, partial downloads or authentication for downloads. Therefore, I would encourage you to see if you can download the files from your underlying data storage (e.g. disk, AWS S3) directly and avoid going through tusd.

Anyways, if you still want authentication for tusd downloads you would have to use a proxy, such as Apache, as you already mentioned. I have to admit that I am not very experience in Apache, so I cannot give you concrete hints but rewriting the URLs and then passing the request through PHP seems like a system which can easily break. Did you have a look the authentication/authorization modules for Apache (https://httpd.apache.org/docs/2.4/howto/auth.html)? The mod_authn_dbd and mod_authz_dbd look interesting since they use a SQL database for looking up information about the users.

A small tip for that: tus uploads only use the POST, HEAD and PATCH methods for HTTP. Downloads use the GET method. So if you restrict your rewrites to GET requests, it should not interfere with the uploads.