amish/laravel-s3-signed-route

Upload to s3 from your frontend using a pre-signed route.

v0.1.0 2022-06-13 23:23 UTC

This package is auto-updated.

Last update: 2024-10-14 04:33:30 UTC


README

Latest Version on Packagist Total Downloads Build Status

Use to securely upload directly to a s3 bucket from your frontend. This package was designed to upload to s3 with Uppy but it could be used with other libraries.

Installation

Via Composer

composer require amish/laravel-s3-signed-route

Usage

Register the s3 signing route with the macro, then apply the middleware, etc. The route is registered with the name 's3-signed-route'.

Route::signedS3Route()->middleware(['auth', ...]);

Usage with Uppy

let uppy = new Uppy({
    allowMultipleUploads: false,
    debug: true,
    restrictions: {
        allowedFileTypes: ['*'],
        maxNumberOfFiles: 1,
        minNumberOfFiles: 1,
    },
}).use(AwsS3, {
    getUploadParameters: (file) => {
        // Send a request to our signing endpoint. route('s3-signed-route')
        return fetch(signingEndpoint, {
            method: 'post',
            // Send and receive JSON.
            headers: {
                accept: 'application/json',
                'content-type': 'application/json',
            },
            body: JSON.stringify({
                filename: file.name,
                contentType: file.type,
                directory: 'uploads',
                _token: document.querySelector('[name=csrf-token]').content,
            }),
        })
        .then(response => response.json())
        .then(data => {
            // Return an object in the correct shape.
            return {
                method: data.method,
                url: data.url,
                fields: data.fields,
                // Provide content type header required by S3
                headers: {
                    'Content-Type': file.type,
                },
            }
        })
    },
});

Refer to Uppy's docs for more configuration options.

Contributing

Please see contributing.md for details and a todolist.

Security

If you discover any security related issues, please email author@email.com instead of using the issue tracker.

Credits

License

MIT. Please see the license file for more information.