I believe that this is caused by the `url_for` which creates the `presigned_key` URL and has a 5 minute default expiration. You could instead of the JSON response of the direct URL, you send the response back which goes to the SHOW action of the ArticleImage. The show action will get the record and redirect to the S3 link from the `url_for`. This could have the added benefit of checking authorization/authentication of the image about to be displayed to a user. This would also solve the expiration time as it would generate a new link. You could also wrap the `url_for` with a `Rails.cache.fetch` and set the expiration to 5 minutes to prevent the overhead of having to get another signed url for every request of the same image within the given interval.
I'm interested in this as well. I'll do some research and will probably write up a blog article about it. If I had to guess, it will be removing the default image button and making a custom button which mimics the Drag/Drop functionality.
I haven't tried adding it to an "older" version of rails. It does seem to be fairly decoupled from Rails as its own gem.
Though, one weird thing that they do which is a little strange that could prevent this from easily working is in the ActiveStorage gemspec.
```ruby
s.add_dependency "actionpack", version
s.add_dependency "activerecord", version
```
It has this reference to version which is in the main branch's `RAILS_VERSION` file. If you reference a `5.1.6` tag, the ActiveStorage gem wouldn't exist. You may need to clone the repo and manually adjust it. This would inherently add a level of technical debt as you would have to migrate any bugfixes/security patches/enhancements to your branch.
You're best bet would be to upgrade to Rails 5.1.X if possible and use the encrypted secrets. It will at least get the code base up to a point where swapping out the encrypted secrets for credentials an easier task.
