set signed s3 url expiry with env value

Adds S3_SIGNED_URL_EXPIRY val to .env and settings (defaults to 15 mins) Note that this is reset every time the user loads the exports page and is independent of the _creation_ of export files.
2024-05-02 00:29:04 +00:00 · 2024-03-24 20:53:49 +11:00 · 2024-03-24 20:53:49 +11:00 · dd27684d4b
parent 5b71e94888
commit dd27684d4b
3 changed files with 15 additions and 4 deletions
--- a/.env.example
+++ b/.env.example
@ -71,6 +71,9 @@ ENABLE_THUMBNAIL_GENERATION=true
 USE_S3=false
 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
+# seconds for signed S3 urls to expire
+# this is currently only used for user export files
+S3_SIGNED_URL_EXPIRY=900

 # Commented are example values if you use a non-AWS, S3-compatible service
 # AWS S3 should work with only AWS_STORAGE_BUCKET_NAME and AWS_S3_REGION_NAME
--- a/bookwyrm/settings.py
+++ b/bookwyrm/settings.py
@ -375,6 +375,7 @@ if USE_HTTPS:

 USE_S3 = env.bool("USE_S3", False)
 USE_AZURE = env.bool("USE_AZURE", False)
+S3_SIGNED_URL_EXPIRY = env.int("S3_SIGNED_URL_EXPIRY", 900)

 if USE_S3:
    # AWS settings
--- a/bookwyrm/views/preferences/export.py
+++ b/bookwyrm/views/preferences/export.py
@ -146,7 +146,12 @@ class Export(View):
 # pylint: disable=no-self-use
@method_decorator(login_required, name="dispatch")
 class ExportUser(View):
-    """Let users export user data to import into another Bookwyrm instance"""
+    """
+    Let users export user data to import into another Bookwyrm instance
+    This view creates signed URLs to pre-processed export files in
+    s3 storage on load (if they exist) and allows the user to create
+    a new file.
+    """

    def get(self, request):
        """Request tar file"""
@ -166,8 +171,10 @@ class ExportUser(View):

                # for s3 we download directly from s3, so we need a signed url
                export["url"] = S3Boto3Storage.url(
-                    storage, f"/exports/{job.task_id}.tar.gz", expire=900
-                )  # temporarily downloadable file, expires after 5 minutes
+                    storage,
+                    f"/exports/{job.task_id}.tar.gz",
+                    expire=settings.S3_SIGNED_URL_EXPIRY,
+                )

                # for s3 we create a new tar file in s3,
                # so we need to check the size of _that_ file
@ -207,7 +214,7 @@ class ExportUser(View):
        return TemplateResponse(request, "preferences/export-user.html", data)

    def post(self, request):
-        """Download the json file of a user's data"""
+        """Trigger processing of a new user export file"""

        job = BookwyrmExportJob.objects.create(user=request.user)
        job.start_job()