Phase 1

Use existing identity providers. This removes the need to call a database to store user passwords.

Phase 2

Implement Blocs user management, storing passwords and generating tokens ourselves if needed.

AWS API gateway

AWS lambda

Dynamo DB

curl -X POST \
    -d '{"name": "Will Munn", email: "will.munn@focusrite.com"}' \
    -H "Authorization: Bearer $TOKEN" \
    "https://api.focusrite.com/user"

Create a new user

Store the user in dynamo db. User data can then be used at a later date.

Retrieve the user's previous purchases from dynamo.

Example flow: getting a new user's purchases

Cloud front

S3

curl -X GET \
    -H "Authorization: Bearer $TOKEN" \
    "https://api.focusrite.com/pack/{packId}/token"

# 302 Redirect
# Location: https://downloads.focusrite.com/pack/{packId}?token=cGFja0lkPTIzNDU1NTUzNDQ0Cg==

Get a download token for the pack

This endpoint checks whether the user has purchased the pack and returns a redirect to the download endpoint with a token containing the pack ID and an expiry time. This token is signed using a private key.

Example flow: downloading a purchased pack

curl "https://downloads.focusrite.com?token=cGFja0lkPTIzNDU1NTUzNDQ0Cg=="

Download the pack

Token is checked on the CDN, if valid, it tries to deliver the content from one of its cached nodes, otherwise, it streams it from S3 into its cache for use next time and out the the user.

Example flow: downloading a purchased pack 2

Integrate with a payment provider

Build tools for submitting content