I have a few questions about using Shrine with tenancy-based access to images.
Currently, my site is set up with publicly accessed images, all via CloudFront.
- I’m using Rails with Devise, is download_endpoint the best way to make these images private via Devise authentication?
- Will this plugin also make all derivates private also?
- Should I remove “public: true” from “store_s3_options” when using the download_endpoint plugin?
- What is the best practice for setting “max-age=XXX”? Should it be less than a week, or a month?
- Can the download_endpoint host be set using environment variables, as I’m using different Cloudfront buckets for development and production?
Separate (but possibly associated) question - is it possible to set up a download_url for an image? So when a user clicks the link, they can not directly access the image and it forces a download?