How can I generate the signed-upload payload on my server?

Follow

Comments

10 comments

  • Avatar
    Joren Winge

    How can I do this same this process with Node js? I've been searching the documentation but i can't find it.

  • Avatar
    Nadav Ofir

    The same sign_request() method is available on the Node.js libraries as well.
    See: https://github.com/cloudinary/cloudinary_npm/blob/master/lib/utils.js#L808

  • Avatar
    john kealy

    Could someone just tell us how to do this over HTTP? I'm using a language not supported by cloudinary SDK's. There are no docs on this subject that I can find, googling ends up here and other SDK's.

  • Avatar
    Nadav Ofir

    Hi John,
    The idea is to set up an endpoint on your own servers where one of this SDKs is installed or calculations are imitated (if using different PL). Then you can have the signature rendered into the page or asked via AJAX from the client-side prior to uploading to Cloudinary.

  • Avatar
    Brian

    ffs... Thought this would take an hour to do but it took a day of tinkering.

    Node-

    function signFileUploadRequest(request, response) {
    // get the api_secret (and keep it secret)
    var apiSecret = process.env.CLOUDINARY_SECRET;
    // grab a current timestamp
    var millisecondsToSeconds = 1000;
    var timestamp = Math.round(Date.now() / millisecondsToSeconds);
    // generate the signature using the current timestmap and any other desired Cloudinary params
    var signature = Cloudinary.utils.api_sign_request({ timestamp: timestamp }, apiSecret);
    // craft a signature payload to send to the client (timestamp and signature required, api_key either sent here or stored on client)
    var payload = {
    signature: signature,
    timestamp: timestamp
    };
    // send it back to the client
    response.json(payload);
    }

  • Avatar
    Brian

    ^ I really think that snippet should be included in the Node SDK Github README. It's kind of like the most basic necessary thing, shouldn't be hidden in support forums.

  • Avatar
    Roee Ben Ari

    Thank you for sharing this, Brian! I'll forward this snippet to our SDK team to review. We really appreciate your feedback.

  • Avatar
    Sven Neumann

    Ok, I have this payload object. How do I use this with the http endpoint now???

  • Avatar
    Infrastructure

    Just to further what Brian has done, this is what I ended up with.

    On the server side (configured with CLOUDINARY_URL env):

    const timestamp=Math.round(Date.now() /1000);

    const payload= {
    apiUrl:Cloudinary.utils.api_url('upload', { resource_type:'auto' }),
    query:Cloudinary.utils.sign_request({ timestamp }),
    };
     
    We send this payload back to the client, and on the client side we simply make an xhr POST to response.apiUrl with response.query as params, and the file sent in the body.
     
    This should really be documented somewhere. I see lots of documentation of how to do unsigned uploads, but very scattered info about how to do signed uploads
  • Avatar
    Ido Barnoam

    Thanks for the adding the clarification!

     We will review this and see how it fits with our documentation.

Please sign in to leave a comment.