I’ve found this feature from Azure:

https://docs.microsoft.com/en-us/azure/cdn/cdn-token-auth

How could I do something similar with DigitalOcean Spaces?

I’ve built out a slideshow SPA that I would like to integrate a scalable storage solution with. The slideshows contain images that must be served quickly, and cannot be served to other users.

I’ve seen this kind of system implemented by large companies like Google, but I haven’t found much info on this kind of system online.

I currently require a bearer token in my API, check the token, and the server the image from the server’s file system. I’d like to get the quick delivery of a CDN, but I also need good security for my users.

1 comment
  • I’m also interested in a setup like this. I’m developing an application which will serve a lot of static data to registered users, but want to limit access to this static data when users aren’t logged in. The scalability of a CDN is of interest to me, but the only way I can see to limit access to a resource is by checking the “private” permission and providing an API key and secret for generating a signature. To keep this secure I would need a separate API key an secret for every registered user.

    I’m planning to use cryptographically-signed user tokens (JWT or otherwise) to authenticate with API endpoints. I could use these tokens to authorize requests, but there’s no obvious way to integrate this with Spaces short of having my API server send a request to spaces. I don’t really see a reason to add this level of cross-talk or latency when I could just store the static files directly on my API server. But by serving from the API server instead of from spaces I’m paying block storage pricing instead of object storage pricing (5x more per gigabyte) and I miss out on the CDN.

    Ideally I’m interested in an edge compute service through DigitalOcean

Submit an answer

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!