How can I generate the signed-upload payload on my server?

Follow

Comments

12 comments

  • Avatar
    Joren Winge

    How can I do this same this process with Node js? I've been searching the documentation but i can't find it.

    1
    Comment actions Permalink
  • Avatar
    Nadav Ofir

    The same sign_request() method is available on the Node.js libraries as well.
    See: https://github.com/cloudinary/cloudinary_npm/blob/228cc1f57b0311eb154782312239b3dd9cf82351/lib/utils/index.js#L875

    0
    Comment actions Permalink
  • Avatar
    john kealy

    Could someone just tell us how to do this over HTTP? I'm using a language not supported by cloudinary SDK's. There are no docs on this subject that I can find, googling ends up here and other SDK's.

    0
    Comment actions Permalink
  • Avatar
    Nadav Ofir

    Hi John,
    The idea is to set up an endpoint on your own servers where one of this SDKs is installed or calculations are imitated (if using different PL). Then you can have the signature rendered into the page or asked via AJAX from the client-side prior to uploading to Cloudinary.

    0
    Comment actions Permalink
  • Avatar
    Brian

    ffs... Thought this would take an hour to do but it took a day of tinkering.

    Node-

    function signFileUploadRequest(request, response) {
    // get the api_secret (and keep it secret)
    var apiSecret = process.env.CLOUDINARY_SECRET;
    // grab a current timestamp
    var millisecondsToSeconds = 1000;
    var timestamp = Math.round(Date.now() / millisecondsToSeconds);
    // generate the signature using the current timestmap and any other desired Cloudinary params
    var signature = Cloudinary.utils.api_sign_request({ timestamp: timestamp }, apiSecret);
    // craft a signature payload to send to the client (timestamp and signature required, api_key either sent here or stored on client)
    var payload = {
    signature: signature,
    timestamp: timestamp
    };
    // send it back to the client
    response.json(payload);
    }

    1
    Comment actions Permalink
  • Avatar
    Brian

    ^ I really think that snippet should be included in the Node SDK Github README. It's kind of like the most basic necessary thing, shouldn't be hidden in support forums.

    3
    Comment actions Permalink
  • Avatar
    Roee Ben Ari

    Thank you for sharing this, Brian! I'll forward this snippet to our SDK team to review. We really appreciate your feedback.

    0
    Comment actions Permalink
  • Avatar
    Sven Neumann

    Ok, I have this payload object. How do I use this with the http endpoint now???

    3
    Comment actions Permalink
  • Avatar
    Infrastructure

    Just to further what Brian has done, this is what I ended up with.

    On the server side (configured with CLOUDINARY_URL env):

    const timestamp=Math.round(Date.now() /1000);

    const payload= {
    apiUrl:Cloudinary.utils.api_url('upload', { resource_type:'auto' }),
    query:Cloudinary.utils.sign_request({ timestamp }),
    };
     
    We send this payload back to the client, and on the client side we simply make an xhr POST to response.apiUrl with response.query as params, and the file sent in the body.
     
    This should really be documented somewhere. I see lots of documentation of how to do unsigned uploads, but very scattered info about how to do signed uploads
    0
    Comment actions Permalink
  • Avatar
    Ido

    Thanks for the adding the clarification!

     We will review this and see how it fits with our documentation.

    0
    Comment actions Permalink
  • Avatar
    mathieu

    How do you use the signature on the client side? My POST request fails with a 400 'upload_preset' is missing apparently. While I'm specifically trying to use a signed upload (ie no upload_presets)...

    1
    Comment actions Permalink
  • Avatar
    Raya Straus

    Hi Mathieu,

    You can perform a client-side signed upload but the signature generation should be done on server-side and include a signed upload preset. 

     

    0
    Comment actions Permalink

Please sign in to leave a comment.