This is probably a very silly question, but I’m still interested in the answer nonetheless! I’m also fairly novice so apologies for any outrageously silly assumptions I might of made!
Part of my application requires allowing authenticated users to download files uploaded by other authenticated users (around 1-10mb each).
The frequency (kinda guessing here) could be once every several minutes to a maximum of a few simultaneously, and each download will likely be serving a different file. The download speed doesn’t really matter.
Is creating an application to handle this in elixir/using phoenix a very silly idea and I should use some other language/framework or would it be fine?
I would likely have the files stored on a separate server with a very high bandwidth cap and lots of storage space, which I guess would also house the application that handles incoming download requests.
I’d then hopefully have cloudflare route a web request either to my web servers or download server to prevent my transfer caps getting obliterated on the web servers. (I’m hoping this is a thing I can do, never really used cloudflare before!)
Thanks in advance!
Don’t see why this wouldn’t be possible. I personally probably would just upload and download from an object storage (like Linode or Digital Ocean). That way uploads and downloads should be faster (since they can probably scale easier). And usually the bandwidth and storage cost is lower than if you store it directly on a server.
You can then use Phoenix to generate the time-limited token to upload directly to the object storage and if only certain users / only logged in users you can generate a token to download the file too. If it’s less sensitive you can put a CDN infront of it like Cloudflare to make it even faster/cheaper (technically you can’t use cloudflare only for files like that but unless you are doing many TB per day they probably won’t care).
2 Likes
As an education project – sure. But I see no reason why you wouldn’t just put the files somewhere and put the Caddy server software in front of them.
Or, as @victorbjorklund says, use various cloud providers for absolutely free unless somebody makes it a point to go download them 24/7 just so you can accumulate a cloud bill. 
Which is extremely unlikely.
2 Likes
I’m doing this for a low traffic personal library (me and my mum 
)
The download controller does basic auth to see if the user has the right to download the file, and then sends the file.
Something along the lines of
# for path /file/:id
# see if user is in session and/or authenticated, this can be done on plug level
# then find if the file exists and the user has access to it
# then
conn
|> put_resp_content_type(... your content type ...)
|> put_resp_header(
"content-disposition",
"attachment; filename=#{whatever filename you come up with}"
)
|> send_file(200, file)
I don’t see why this wouldn’t work even for significantly more users than a few at a time.
EDIT: Of course, if this becomes a problem, then other solutions like having them stored under one-time keys in an object storage as described above etc. would work better
3 Likes
Thank you to everyone who responded 
I’ve never heard of object spaces before so thanks for opening my eyes! Will do some more digging and may end up going that route, whatever is the cheapest I guess!
Will start off by giving it a go in elixir though and see how that works out for me and also for the sake of learning something new!
Thanks again!
1 Like
