In our app we want users to upload files.
We need some kind of bucket storage since we do not want to store the files directly in our database. We would upload the file and link it by a link/id in the database.
Is it secure to not filter access to the files, since the link/id can be very long and is only known by people who have access to the database row/document which is secured. Assuming the bucket storage is not iterable.
I think I will just put it behind an API and do proper custom authentication