Hi all, and sorry I looked but didn’t see a clear answer to this. By default, Nocodb stores attachments in the data directory.. But I’m not seeing if those attachments are secured or not. I thought I saw that the URL has an access key attached, but I don’t see how long that key is good for and if that key is required for access. I want o use the DB to store invoices and other related data so the attachments need to be secured form unauthorized access.
Hi @Partition1120,
The following environment variables are available: NC_SECURE_ATTACHMENTS and NC_ATTACHMENT_EXPIRE_SECONDS. These allow you to fully control signed links and public access to attachments.
Please note that if you are using a storage provider, the bucket must be configured as private so that files are accessible only through our signed links.
For reference: Environment variables