onvibe.run

← All updates

Data

Upload and serve files — private uploads and public assets

Files come in two flavours, and conflating them is how apps leak private data or re-upload the same logo a hundred times. onvibe keeps them cleanly apart.

Public assets, shared by content

Build-time files you provide — a logo, a stylesheet, an icon — go in with upload_asset. They're content-addressed: immutable, served from a CDN, and shared by their content hash. That's why a fork of your app keeps working without re-uploading anything: identical bytes resolve to the same URL.

Private uploads, behind signed URLs

Files your users upload at runtime — a receipt photo, an avatar — are different. Store them with uploadFile and hand them back with getDownloadUrl, which mints a short-lived signed URL; the physical keys stay opaque so nobody can guess their way to someone else's file. It's the Active-Storage model — logical names mapped to neutral keys — with a per-app maximum file size you set.

Two models, each right for its job, neither leaking into the other.

📖Read the docs — Files & images
Built with onvibe
🥗
Shared pantry tracker
Log groceries with expiry dates — the flat sees what to eat first.
See how it was made →
Build your own app on onvibe →← All updates