This server acts as the intermediary and record keeper for S3 backed uploads from the dropit client.
Basically, you get an account on this machine, and then the API signs upload requests for the client.
This is "better" than putting keys directly in the client for three reasons.
- Rate/size limiting is now an option
- Direct accountability for uploads is tied to a username/password
- You can have pretty preview pages for uploads
You will need Python ~2.7 and redis.
Everyone has their own favorite setup, but I like gunicorn + gevent behind nginx.
It works fine on Heroku.
By default, we load up a configuration file whose path is specified by the environment variable
In this config we need the following keys:
If you can't figure out what the first three are, you should go do some reading on S3.
UPLOAD_URL_BASE is the root of where direct uploads go. This is so if you CNAME your S3 bucket you can specify that.
In general this should be something like
http://mybucket.s3.amazonaws.com/ but could be anything as long as it's all
Data is stored in redis, as hashes to represent objects, and lists/strings for indexes.
Uploading A File
- Authenticated client hits /upload/sign
- Server takes content type, size, etc and generates an AWS policy for the upload, signs it and returns to client
- Client uploads directly to S3 using this policy
- Client notifies the server of the upload success (or failure)