I have a bunch of real time IP camera images on the web server.
Is there a way to develop an API (RESTFUL) with token to let developers access those images and still prevent unauthorized user to access those image url?
such as
http://example.com/camera1?token=1234&cameraID=camera1
If the API returns an URL of
http://example.com/camera1.png
then everyone can access the camera1 image without token if he already knows the camera1 image URL.
It seems I have to use an dynamic URL
http://example.com/adfaofnhafa.png
instead of fixed name URL to prevent this from happening.
Or I can use image BASE64 encode to conver the image to binary string and return the long string in JSON format.
What's the best way to do this? Each of my image size is under 200KB and I have 150 IP cameras images update in real time and saved on the server hard disk with the fixed name.
How did facebook or youtube do it? If I have already know your facebook photo URL when call the API for the 1st time, after that I can access it anytime and anywhere without call the API again.
Related
We are storing the videos in object storage (aws s3/oci os) and using object uri's we are able to play the videos from HTML video player. but if we make the bucket access as private then possible ways are use the pre-authenticated urls or use the object storage sdk api to get the input stream for video object, stream the data using data buffers with ResourceRegion in webflux (we can handle all the authentication stuff to access private bucket data).
My query is there any better way to access the private bucket videos (content delivery & streaming)? Can we provide a proxy url instead video object uri directly to client, because I can handle some authentication & authorisation stuff on this url and will hidden the actual video object uri so that we can prevent the video downloading from any third party apps.
Kindly provide suggestions on this.
Yes, there are ways. One way is to have a proxy server route external HTTP calls. But that will have only limited features. Another option is to have custom written microservice to stream data from a private/public bucket via an HTTP endpoint with additional custom business logic.
You may refer to this sample Spring Boot microservice code to stream content from OCI Object Storage.
https://github.com/oracle-devrel/oci-sdk-java-samples/tree/main/usecases/storage-file-streaming
You can generate a new access key and secret from your s3 storage, create a small/simple service/api with node or any language of your choice, and every time your app needs a url for a video, it can send a request to the service for a new url which can have an expiration time on it.
Also, in your api you can ensure only your app can access the request for new url.
However, if you mean you want only your browser or your client's to be the only ones that can access the video then that may be difficult. From the above, you can control who can access the url, how long the url is active and who can call the api. Third parties have to do a lot bypass your restrictions
I tried to search it everywhere but i couldn't find my answer. Here is the case
I have a form in Laravel,
User can upload video through this form.
The video is going to be saved/upload on VIEMO by API call.
Now what I want is, I don't want to save the video on my server, i.e I don't waent to save it on hosting app server
I want to directly send it to the VIEMO API but I am not sure how do I directly send it.
SO far this is the code
$video = $request->file('video');
dd($video);
Vimeo::connection('main')->upload($video);
Can somebody guide me how do i send this video coming through HTTP POST method directly to api.
Thank You
Instead of passing a UploadedFile instance to upload(), try passing the temporary file path:
Vimeo::connection('main')->upload($request->file('video')->path());
I am in process of creating a REST API with image upload/retrieval capabiilty.
Instead of sending image data to server, for it to upload to the storage.
I am thinking of doing the following:
client directly uploads image to the storage (Azure Blob Storage)
obtain image url from the blob storage if upload is successful
send image metadata along with the image url in blob storage to Server to be maintained
Is this an acceptable approach in terms of managing image data (or videos or any non string data) through Rest API?
Also, what are some of pros/cons for setting up service this way?
There's nothing preventing you from doing it that way, but it introduces a bit of unnecessary complexity:
The client needs to be aware of different endpoints to handle this particular type of request.
If something changes in your Azure Blob Storage endpoint, you have to change the client code. And if you have users using an old cached version of the app, they may get odd errors.
Your client has to be carefully implemented to handle the process of first uploading the image to Azure and then sending the URL to the API. If the user refreshes, clicks the upload button again, or if there's a network issue, you will face complicated scenarios.
My recommendation is that you can encapsulate this complexity in the server, where you have better control of what's going on, by letting the client send a POST request with multipart/form-data MIME type. The server can respond to this with details about the endpoint for the image in the server.
I've seen from this post that you can get a user profile image from any of these:
https://twitter.com/[screen_name]/profile_image?size=mini
https://twitter.com/[screen_name]/profile_image?size=normal
https://twitter.com/[screen_name]/profile_image?size=bigger
https://twitter.com/[screen_name]/profile_image?size=original
And that redirects to an image, which works fine. I'm trying to similarly get the image from a status of form
https://twitter.com/[screen_name]/status/894610590915641345/photo/1
This doesn't redirect to anything, and neither does this:
https://twitter.com/[screen_name]/status/894610590915641345/photo/1?size=original
Searching Twitter API brings up only their libraries. Is there a URL to do this?
No, there's no shortcut URL to get the images attached to a Tweet. You'll need to retrieve the Tweet via the API, and then extract the media URLs from the JSON response. Use the statuses/lookup endpoint to get a Tweet by ID.
I'd also suggest using the API to get the user profile image, as the shortcut URL you mention is not officially supported, does not work on mobile, and may be removed in future. Use the users/show endpoint to retrieve a user by screen_name.
Using the imageshack API I can upload images to imageshack but I have to use an API key to do that. I can create a POST form for the image upload to imageshack but the key has to be put in the form and that exposes the API key publicly. How can I upload images to imageshack without exposing my API key?
I think the only way to do this properly is that the image is first POSTed to your OWN application by the user.
Then in your app you internally redirect this POST to ImageShack, where you can use your API key safely without anyone ever seeing it.
You can use something easy like RestClient to run the POST request from your back-end. You will need to store the image temporarily on your server, either in memory or on disk, for retransmission to ImageShack.
So:
User sends image with POST to your server
Your server receives the image in the POST request from the user
Your server runs a POST with this image to ImageShack using your API key
The POST request from step 1 returns successfully to the user