Storing user-submitted files (images, pdfs) in a scalable way?

Question

On my platform I am allowing users to upload their own images and pdfs.

In my IaaS VM I use nginx, Redis and MongoDB; so I was thinking maybe to store them temporarily in Redis then push them to a static file route in nginx. I need security permissions on the files (user access restrictions); so was thinking to store {filename↔access-control} information in MongoDB.

Is that the best approach; or is there a better one you can think of?

Answer 1

The solution I am going with:

• Pathname↔filename stored in database
• Metadata associated with filename (in the file name); providing namespacing (e.g.: for subsequent sharding between servers and data centres)
• Actual file stored on an nginx static file route (need to investigate security concerns here)

Still in need of suggestions on securing files from nginx without serving static files through e.g.: Python