DEV Community

Discussion on: I need to serve files from grapghql, is it possible?

Collapse
 
andyj profile image
Andy Mikula

Is external storage an option? For example, sending over an S3 URL via the server and then retrieving the file from there?

Collapse
 
dechamp profile image
DeChamp

It could be a option and one that we discussed. The concern is if for what ever reason someone were to gain access to that url, they could gain access to protected information. We prefer it be locked down

Collapse
 
andyj profile image
Andy Mikula

That's fair! With S3 (and likely other solutions) you can generate expiring URLs which might solve for part of that problem, and set up access control to restrict things to requests from your application, but that might end up being more work up front than keeping everything in-house.

Thread Thread
 
dechamp profile image
DeChamp

We deal with PHI, so we can not have a unsecured link, even if it expired right away. So unfortunately this was not a working solutions for us. But it is a good solution for other cases. Thank you for the suggestion. We are going to end up creating a new restful service to deliver the files behind the auth.