Here is some background info for my project:
- A Django backend API with Django Rest Framework to communicate with the frontend
- A VueJS frontend (SPA) with Vuetify
- User authenticates with username and password and I use JWT to authenticate api requests (python lib is
djangorestframework-simplejwt) - I plan to host both frontend and API on the same Google App Engine
- The app has a photo gallery. User can only see its own photos.
Now I am not sure how to serve the photos... I guess Google Cloud Storage is the way to go.
Option 1 Initially I thought it would be simpler to retrieve the photos with the backend as it can simply authenticate to Cloud Storage with a service account. But I guess passing photos from backend to frontend through a serializer will be very slow. There can be a few hundred photos.
Option 2
It is probably far more efficient to only send the urls to the frontend (only the urls of current user). The frontend then gets images (e.g. <v-img :src={{ photo.url }}>). The problem is the client needs to authenticate to Google to be able to have read access to Cloud Storage. At this point I am lost.
- Should I use signed url?
- Should I authenticate the client to Storage with OAuth 2.0 as described here. But as I understand it, it means user has to have a Google account and consent to terms, etc.
- Can I have object-level permissions or is it necessarily bucket-level?
Thanks for any insight you may provide!
django-storagesfor handling remote media and it has integration with google cloud storage. so take a look at the docs – Bedilbek