aicam commented on issue #4240: URL: https://github.com/apache/texera/issues/4240#issuecomment-4663613502
I believe the overall design is correct but we need to make two changes in the design: 1- For security reasons, we do not want to keep any token (neither refresh_token or the final one), the correct behavior is that user authorize every time they want to export. We understand this is not very convenient but we explicitly tell users we do not keep any token and we need to be committed to this. So I believe the first PR should only provide the process to authorize user with Google drive and then just drop the token and don't use it, in later PRs, the token is used to do the upload and dropped after that. 2- Current way of uploading is inefficient, the correct way is that backend stream the data directly from MinIO to Google drive, currently frontend fetch full object and then start uploading. So the next steps is to fix the design which I believe is very minor (just remove the step to store key in database) and then we can start merging PRs one by one. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
