I know there have been some questions about this. I know how to accomplish this using AWS SDK.
However, my concern is about security. My plan is to generate a signed URL so users logged on my website can upload files to S3. I generate this url on server side (based on Express framework).
The problem: anyone with access to this URL can upload files to my bucket. Only logged users can get these urls, but anyone can use them.
Is there a way to generate a "one time use" url to authenticate with S3? If not, is there an approach I can use that does not show my credentials on client side and do not upload the files to my server ?(I know, asking too much :/)