Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature Request: Add Support for Generating Presigned URLs for Direct Uploads #1481

Open
adityaprakashgupta opened this issue Jan 6, 2025 · 1 comment

Comments

@adityaprakashgupta
Copy link

adityaprakashgupta commented Jan 6, 2025

Hi! First off, thank you for maintaining django-storages—it’s been a fantastic tool in so many of my projects.

That said, I ran into a bit of a challenge recently when dealing with file uploads in a project. Right now, django-storages handles uploads by routing files through the application server. While this works, it has some drawbacks, especially when dealing with large files or users with slower internet connections. Timeouts become a real issue, and the server ends up consuming a lot of unnecessary bandwidth.

A solution I’ve used in the past (outside of django-storages) is presigned URLs. They allow users to upload files directly to storage services like AWS S3 without involving the application server. This offloads the heavy lifting to the storage provider, avoids timeouts, and makes the whole process more scalable.


Feature Request:
It would be great if django-storages could natively support generating presigned URLs. For example, we could have a method like this:

from storages.backends.s3boto3 import S3Boto3Storage

storage = S3Boto3Storage()
presigned_url = storage.generate_presigned_url("uploads/example.jpg", expiration=3600)

This could use boto3’s generate_presigned_url method for AWS S3. Ideally, similar functionality could be added for other storage backends, like Azure Blob Storage and Google Cloud Storage.


Why This Matters:
Here’s why I think this would be a great addition:

  1. Scalability: By letting users upload files directly to the storage backend, we reduce the load on the application server and avoid timeout issues.
  2. Better User Experience: Large file uploads, especially for users on slow networks, become much smoother.
  3. Security: Presigned URLs are time-limited and can restrict access to specific files, reducing the risk of path traversal attacks or malicious uploads.
  4. Modern Workflow: Direct-to-cloud uploads are becoming the standard in many applications, and this feature would make django-storages more aligned with these modern practices.

Challenges to Consider:
I realize this could involve a bit of work:

  • Ensuring compatibility across different storage backends.
  • Adding proper documentation and examples so users can easily integrate this into their workflows.

References:
Here are some links I found useful while working on this myself:

Thanks again for all the work you do on this project—I really appreciate it! Looking forward to hearing your thoughts.

@bilalnaqvi
Copy link

bilalnaqvi commented Jan 15, 2025

from storages.backends.s3boto3 import S3Boto3Storage

storage = S3Boto3Storage()
presigned_url = storage.url("uploads/example.jpg", http_method='PUT', expire=3600)

this should solve the problem @adityaprakashgupta.

note: need to update the S3 policy for PUT method

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants