How upload works in thumbor
thumbor provides a /upload end-point so you can use it as a central point for all your imaging needs.
This way you can send thumbor your original images by doing a simple post to its urls.
thumbor comes with the upload end-point disabled by default. In order to enable it, just set the ENABLE_ORIGINAL_PHOTO_UPLOAD configuration in your thumbor.conf file to True.
thumbor will then use the storage specified in the ORIGINAL_PHOTO_STORAGE configuration to save your originals. To create your own storage check the Creating my own Storage page.
If you want your thumbor service to allow image deletions, simply set the ALLOW_ORIGINAL_PHOTO_DELETION configuration to True.
By the reasons outlined in the first catch below and because putting images might result in attackers changing your original images (read more about the verbs at Posting, Putting and Deleting), thumbor won't allow putting by default. If you want to allow putting, just change the ALLOW_ORIGINAL_PHOTO_PUTTING configuration to True.
The first catch is security. You most surely don't want people all over the web messing around with your upload end-point. If you do want it to be open, skip to the next catch.
In order to ensure that thumbor remains secure, you must do something like only allowing the /upload route in your nginx or apache webserver for the local network, or something like that. Just be advised that the /upload route is NOT safe to expose to the web (specially if you allow PUTting to it).
The second catch relates to how thumbor stores loaded files. When an image request arrives, thumbor calls on the specified storage to find out if it needs to load it from a remote source (possibly Http which is really slow).
If it does not have it stored already it will load it from the remote source and then call on the specified storage to store it. The next time around, thumbor will already have the original, thus eliminating one round-trip to a remote source.
The problem here is that if you are using the upload end-point you possibly have the images in the local network and thus don't need to store them AGAIN. If that's your scenario, just use a mixed storage and set the MIXED_STORAGE_FILE_STORAGE to thumbor's null storage (thumbor.storage.no_storage).
On the other hand, if you are storing your originals in a cloud service like Amazon's S3, then it might be really good for thumbor if you use local storage (filesytem, redis, mongo or anything you can come up with) to improve the speed of the most recent images. If you come up with a cool storage, please feel free to contribute back.
The third and minor catch is about the verbs. You can read more about it in Posting, Putting and Deleting. It's important to understand each verb way of working.
If you need to save additional metadata (author, title, etc.) you need to store that information elsewhere. thumbor will only store image binaries.