Storage Permission Problem in appwrite cloud.

when i give user read permission , its not showing , but when i give any permission , it is showing , but i am logged in right now . How will i fix this problem.

TL;DR

User is facing a problem with generating JWT in the Appwrite Android app and is concerned about the security of the token. The user also mentions that accessing a file works without authentication. Solution provided is to generate a JWT token and pass it in the headers using Glide. User is advised to check if headers can be passed using Glide and is provided with code example for displaying an image using Glide. User asks for clarification on how to access the file and mentions that when giving user read permission, it is not showing up. No solution is provided for this specific problem.

how are you trying to access the file?

in android i am using glide to show image

how exactly? code please?

val url="${apiConstants.ENDPOINT}/storage/buckets/${apiConstants.BUCKET_ID}/files/${data.img_id}/view?project=${apiConstants.PROJECT_ID}" Glide.with(viewHolder.itemView.context) .load(url) // image url //.placeholder(R.drawable.load2) // any placeholder to load at start .error(R.drawable.user4) // any image in case of error .centerCrop() // resizing .into(banImgg)

img_id comes from database

please make sure to wrap multi line code with 3 backticks

so this accesses a file without any authentication. that's why it works with the any permission.

are you able to pass headers using Glide?

you'll need to generate a JWT token (https://appwrite.io/docs/client/account?sdk=web-default#accountCreateJWT) and then pass it in the headers (https://stackoverflow.com/questions/51149546/how-to-add-authorization-in-header-by-glide-in-android-studio)

but it was working fine in self hosting appwrite

maybe your permissions were different when self hosting

no same permission

so for users only permission , i have to generate jwt , right?

but any body can steal this jwt and view my content for free