Restricting access to some resources

For this use case I'd normally recommend using a signed URL as it does pretty much what you're asking for.

Could you explain more about why you can't create a signed URL for each file? Yes, there's a little bit of compute overhead there; but it happens at the back end and there is already logic in the API to determine file ownership so you're already 90% of the way there.

Hi, thanks for the answer. Streaming through internet means split a single mp4 file in many smaller files. Converting a single mp4 file in a format streamable means create a folder containing an m3u8 playlist file and many *.ts files indexed in that m3u8 playlist file, usually one each 10 seconds of the content to stream. To play this files you have to "pass" the m3u8 file to your player, and it will take care about retrieving each single "ts" file listed in the playlist.

I can generate a signed url using jolly characters to get all the content of the folder, the "m3u8" file and all the "ts" files. But, to make the url safe i have to put an expiring time on it, let say 20 minutes. What happen when the player tryies to get the next ts file after the signed url has expired? i could intercept this event and generate a new url to replace the expired one but i don't think that videoplayer would like changing source while playing it. this is a really big problem.