Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Securely Fetch and Mask Document URL #133

Open
4 tasks done
mahid797 opened this issue Dec 19, 2024 · 2 comments · May be fixed by #140
Open
4 tasks done

Securely Fetch and Mask Document URL #133

mahid797 opened this issue Dec 19, 2024 · 2 comments · May be fixed by #140
Assignees
Labels
Backend Backend Related Issue Core Work to do on the core system of the App New Feature New feature to be implemented
Milestone

Comments

@mahid797
Copy link
Contributor

mahid797 commented Dec 19, 2024

Develop a backend API to securely fetch the Supabase URL for a document and convert it into a masked, user-friendly URL. This step ensures the document's storage URL is not exposed to the frontend and that all security measures are in place.

Tasks

  • Implement a backend endpoint to fetch the Supabase URL for a document.
  • Generate a masked URL (short and user-friendly) that securely maps to the original Supabase URL.
  • Ensure only authenticated users with proper permissions can access the endpoint.
  • Add support for optional parameters such as expiration date or password protection (passed from the frontend).
@mahid797 mahid797 added New Feature New feature to be implemented Backend Backend Related Issue Core Work to do on the core system of the App labels Dec 19, 2024
@mahid797 mahid797 added this to the 1.0 milestone Dec 19, 2024
@parwatcodes
Copy link
Member

I need more scope and clarification on point 3.

  • Ensure only authenticated users with proper permissions can access the endpoint.

@mahid797
Copy link
Contributor Author

I need more scope and clarification on point 3.

  • Ensure only authenticated users with proper permissions can access the endpoint.

@parwatcodes This just means to check if the User is currently authenticated/ Session not expired before proceeding with any Database or Storage Bucket changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Backend Backend Related Issue Core Work to do on the core system of the App New Feature New feature to be implemented
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants