I know rclone can create directly public link, but not all remotes has this feature.
Rclone can use rcd --rc-serve to create a 'fake' (download files from rclone server) shared link for remote files.
But other user must know about --rc-user and --rc-pass.
Considering below situation:
I don't shared the 'administrator' token ( it mean Basic Auth)
Other users can downloads specific remote files only
The 'fake' shared link can be cancel( expired time, or manually disabled by 'administrator')
Other users don't know real path of shared files in rclone server.
rclone server should has some api
share/create: create a shared file link of rclone server.
params:
{
srcFs: string, // a remote name string eg "drive:" for the source
srcPath: string, // a path within that remote eg "a/b/file.txt" for the source
token?: string, // (option) average user token, similar with dstFs. if not provided , rclone will auto-generate it. eg "yf62HDvd78"
sharedName?: string, // (option) similar with dstPath. if not provided, extract it from srcPath. eg "file.txt"
expired?: moment | duration // (option) expired date. not provided mean unlimited.
}
{
// a list of links need to be deprecated
// providing `srcFs` and `srcPath`
// or providing `token` and `sharedName`
sharedLinks: ({
srcFs: string,
srcPath: string
} | {
token: string,
sharedName: string,
})[]
}
It seems that shared links have "long-term" support, mean that shared links still exist even if rclone server was "restarted".
Before you mentioned the above feature, I just consider that lifecycle of shared links is limited in run-time. If rclone server is shutdown, all shared links are gone.
And my naive solution is that rclone server holds a map table in memory.
(token, sharedName)
(srcFs, srcPath, expired)
(foo, a.mp4)
(remot1, path/to/object/c, null )
(bar, b.md)
(remote2, path/to/object/d, 2020/2/3 )
I don't know if it will raise the security problem.
By the way, the feature of long-term support is not bad.