abw-react-starter 1.0.3 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +101 -2
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -87,6 +87,7 @@ If enabled, the CLI will:
|
|
|
87
87
|
|
|
88
88
|
* `plugins.ts`
|
|
89
89
|
* `middlewares.ts`
|
|
90
|
+
* `server.ts`
|
|
90
91
|
* Ask for:
|
|
91
92
|
|
|
92
93
|
* Bucket name
|
|
@@ -96,6 +97,94 @@ If enabled, the CLI will:
|
|
|
96
97
|
|
|
97
98
|
---
|
|
98
99
|
|
|
100
|
+
## ⚠️ S3 Bucket Configuration (IMPORTANT)
|
|
101
|
+
|
|
102
|
+
For image uploads to work correctly, your S3 bucket **must allow public read access**.
|
|
103
|
+
|
|
104
|
+
---
|
|
105
|
+
|
|
106
|
+
### 1. Block Public Access
|
|
107
|
+
|
|
108
|
+
Go to:
|
|
109
|
+
|
|
110
|
+
S3 → Your Bucket → Permissions → Block public access
|
|
111
|
+
|
|
112
|
+
Configure:
|
|
113
|
+
|
|
114
|
+
* ❌ Do NOT block all public access
|
|
115
|
+
* ✔ Allow public access (at least partially)
|
|
116
|
+
|
|
117
|
+
If everything is blocked, images **will not load in the browser**.
|
|
118
|
+
|
|
119
|
+
---
|
|
120
|
+
|
|
121
|
+
### 2. Object Ownership (ACLs)
|
|
122
|
+
|
|
123
|
+
Go to:
|
|
124
|
+
|
|
125
|
+
S3 → Your Bucket → Permissions → Object Ownership
|
|
126
|
+
|
|
127
|
+
Set:
|
|
128
|
+
|
|
129
|
+
* ✔ ACLs enabled
|
|
130
|
+
|
|
131
|
+
This is required because Strapi uploads files using:
|
|
132
|
+
|
|
133
|
+
```js
|
|
134
|
+
ACL: 'public-read'
|
|
135
|
+
```
|
|
136
|
+
|
|
137
|
+
---
|
|
138
|
+
|
|
139
|
+
## 🔓 What this means
|
|
140
|
+
|
|
141
|
+
* Uploaded images will be publicly accessible via URL:
|
|
142
|
+
|
|
143
|
+
```
|
|
144
|
+
https://your-bucket.s3.region.amazonaws.com/image.jpg
|
|
145
|
+
```
|
|
146
|
+
|
|
147
|
+
* Only your backend (using AWS credentials) can:
|
|
148
|
+
|
|
149
|
+
* upload
|
|
150
|
+
* delete
|
|
151
|
+
* modify files
|
|
152
|
+
|
|
153
|
+
---
|
|
154
|
+
|
|
155
|
+
## 🔐 Is this secure?
|
|
156
|
+
|
|
157
|
+
Yes — this is standard practice for most web apps.
|
|
158
|
+
|
|
159
|
+
As long as you:
|
|
160
|
+
|
|
161
|
+
* ❌ do NOT expose your AWS credentials
|
|
162
|
+
* ✔ use restricted IAM permissions
|
|
163
|
+
|
|
164
|
+
your setup is safe.
|
|
165
|
+
|
|
166
|
+
---
|
|
167
|
+
|
|
168
|
+
## 🚀 Advanced (optional)
|
|
169
|
+
|
|
170
|
+
For more advanced setups, you can later switch to:
|
|
171
|
+
|
|
172
|
+
* CloudFront (CDN)
|
|
173
|
+
* Private buckets + signed URLs
|
|
174
|
+
* Bucket policies instead of ACLs
|
|
175
|
+
|
|
176
|
+
---
|
|
177
|
+
|
|
178
|
+
## 🧠 Summary
|
|
179
|
+
|
|
180
|
+
| Setting | Value |
|
|
181
|
+
| ----------------------- | ------------------- |
|
|
182
|
+
| Block Public Access | ❌ Not fully blocked |
|
|
183
|
+
| Object Ownership (ACLs) | ✔ Enabled |
|
|
184
|
+
| Upload ACL | public-read |
|
|
185
|
+
|
|
186
|
+
---
|
|
187
|
+
|
|
99
188
|
## 🔐 Requirements
|
|
100
189
|
|
|
101
190
|
Make sure you have installed:
|
|
@@ -129,8 +218,8 @@ npm run dev
|
|
|
129
218
|
|
|
130
219
|
```
|
|
131
220
|
my-app/
|
|
132
|
-
├── backend/
|
|
133
|
-
├── frontend/
|
|
221
|
+
├── backend/
|
|
222
|
+
├── frontend/
|
|
134
223
|
└── .abw-starter.json
|
|
135
224
|
```
|
|
136
225
|
|
|
@@ -164,6 +253,16 @@ The CLI will prompt you to login automatically.
|
|
|
164
253
|
|
|
165
254
|
---
|
|
166
255
|
|
|
256
|
+
### Images not loading (S3)
|
|
257
|
+
|
|
258
|
+
Check:
|
|
259
|
+
|
|
260
|
+
* Bucket is not fully blocking public access
|
|
261
|
+
* ACLs are enabled
|
|
262
|
+
* Correct bucket name and region
|
|
263
|
+
|
|
264
|
+
---
|
|
265
|
+
|
|
167
266
|
## 📄 License
|
|
168
267
|
|
|
169
268
|
MIT
|