I'm writing a web application in go and I'm using amazon s3 to store all the user files, this include the profile pics and text and audio files.
However I'm struggling to understand what will be the correct way to do this securely. What I was thinking is after making sure the request comes from an authenticated user with access to the requested file, just use the aws go library to fetch the file and write it to the http request.
Something like this:
import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/s3"
"io"
)
func serveFile(file string, w http.ResponseWriter) {
svc := s3.New(session.New(), aws.NewConfig().WithRegion(config.AWS.Region))
params := &s3.GetObjectInput{
Bucket: aws.String("Bucket name"),
Key: aws.String(file),
}
resp, err := svc.GetObject(params)
n, err := io.Copy(w, resp.Body)
}
I don't have much experience working with AWS so I'm not sure this is even a good approach, but it works. Is this a good way to do it, for a production server? Is there a better, more reliable way?