DEV Community

Cover image for Secure URLs in the Cloud.
Rak
Rak

Posted on • Edited on

Secure URLs in the Cloud.

Cloud storage has revolutionized the way we manage and share data. Whether you're running a photo-sharing platform or managing user-generated content, being able to create secure URLs for your assets is a crucial requirement.

Today, we're going to demonstrate how to generate secure URLs for your files stored in the cloud.

Let's jump straight into the code:

import express from "express";
import { http, bucket } from "@nitric/sdk";

const imgBucket = bucket("images").for("reading", "writing");

const app = express();

app.get("/upload/:id", async (req, res) => {  
  try {
    const { id } = req.params;
    const img = imgBucket.file(`images/${id}/photo.png`);

    res.json({
      url: await img.getUploadUrl(),
    });
  } catch (err) {
    res.status = 500;
    res.json({
      message: "Error getting file URL",
    });
  }
});

http(app, () => {
  console.log(`Application started`);
});
Enter fullscreen mode Exit fullscreen mode

Note: An example of using KOA instead can be found here.

This code starts by importing the necessary modules. We import Express, which will be our web application framework, and we import the http and bucket modules from the Nitric SDK.

  • The line export const imgBucket = bucket("images").for("reading", "writing"); is creating a bucket named "images" and giving it read and write permissions.
  • The .for() function is setting the permissions for this bucket.

We then set up an Express application, and a route "/upload" that will handle the GET requests. Inside this route, we extract the id from the request parameters. This id is then used to construct the path of the image file in the bucket. This way, each image has a unique file path, preventing any potential naming collisions.

Then, we attempt to get the secure upload URL of the image file by calling img.getUploadUrl(). This function returns a promise, hence we use the await keyword to pause execution of our async function until the promise is fulfilled.

Note: this can be adapted to a url for downloading, by simply changing the method to getDownloadUrl().

If this operation is successful, we send back a JSON response containing the secure URL of the image file. In case any error occurs while getting the secure URL, we catch the error and send back an error message with a status code of 500.

Finally, we start our Express application by calling the http function from the Nitric SDK. This function binds our Express application to a port and starts listening for incoming HTTP requests.

Why Is This Awesome?

With just a few lines of code, we're able to create a function that can generate secure URLs for image files stored in a bucket ensuring that your files are secure and can only be accessed through the generated URLs.

Whether you're an experienced cloud developer or just getting started, creating secure URLs for your cloud-stored assets is an essential skill.

You can test this code out locally with the Nitric CLI, or even deploy it to your cloud provider (AWS, GCP or Azure).

Once you're up and running, go ahead and hit the URL.

curl localhost:3000/upload/123456

{"url":"http://localhost:13001/images/images/undefined/photo.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential........"}%
Enter fullscreen mode Exit fullscreen mode

Top comments (1)

Collapse
 
rsiv profile image
Rak • Edited

Linking similar articles since I've received a couple of DMs about using express or koa to handle the API routing.