add : Image Upload, Validator Uploading to AWS

Author: OmGuptaIND

.gitignore

@@ -0,0 +1,6 @@
+.env
+.serverless
+.serverless_plugins
+node_modules
+secrets.dev.yml
+*.log

config.ts

@@ -0,0 +1,14 @@
+import dotenv from 'dotenv';
+
+const parseEnv = async (): Promise<dotenv.DotenvParseOutput> => {
+ // Load env vars into Serverless environment
+ // You can do more complicated env var resolution with dotenv here
+ const envVars = dotenv.config({ path: '.env' }).parsed;
+ const envObj = Object.assign(
+ {},
+ envVars // `dotenv` environment variables
+ );
+ return envObj;
+};
+
+export default parseEnv;

package.json

@@ -0,0 +1,28 @@
+{
+ "name": "aws-lambda",
+ "version": "1.0.0",
+ "description": "",
+ "main": "handler.js",
+ "scripts": {
+ "dev": "sls offline -s dev --noTimeout"
+ },
+ "author": "",
+ "license": "ISC",
+ "dependencies": {
+ "@aws-sdk/client-s3": "^3.54.0",
+ "aws-lambda": "^1.0.7",
+ "jsonwebtoken": "^8.5.1",
+ "jwks-rsa": "^2.0.5",
+ "zod": "^3.13.4"
+ },
+ "devDependencies": {
+ "@types/aws-lambda": "^8.10.93",
+ "@types/jsonwebtoken": "^8.5.8",
+ "@types/serverless": "^3.0.1",
+ "serverless": "^3.7.4",
+ "serverless-iam-roles-per-function": "^3.2.0",
+ "serverless-offline": "^8.5.0",
+ "serverless-plugin-typescript": "^2.1.1",
+ "typescript": "^4.6.2"
+ }
+}

serverless.yml

@@ -0,0 +1,52 @@
+service: upload-to-s3
+frameworkVersion: '3'
+
+plugins:
+ - serverless-offline
+ - serverless-plugin-typescript
+ - serverless-iam-roles-per-function
+
+custom:
+ fileUploadBucketName: ${self:service}-bucket-${self:provider.stage}
+ serverless-offline:
+ httpPort: 1337
+
+provider:
+ name: aws
+ runtime: nodejs12.x
+ profile: serverlessUser
+ stage: dev
+ region: ap-south-1
+
+functions:
+ hello:
+ handler: src/lambda/hello.handler
+ events:
+ - http:
+ path: /hello
+ method: GET
+ cors: true
+
+ imageUpload:
+ handler: src/lambda/imageUpload.handler
+ events:
+ - http:
+ path: /imageUpload
+ method: POST
+ cors: true
+ iamRoleStatements:
+ - Effect: Allow
+ Action:
+ - s3:PutObjectAcl
+ - s3:PutObject
+ Resource: arn:aws:s3:::${self:custom.fileUploadBucketName}/*
+ environment:
+ FILE_UPLOAD_BUCKET_NAME: ${self:custom.fileUploadBucketName}
+
+resources:
+ Resources:
+ FileBucket:
+ Type: AWS::S3::Bucket
+ Properties:
+ BucketName: ${self:custom.fileUploadBucketName}
+ AccessControl: PublicRead

src/lambda/hello.ts

@@ -0,0 +1,12 @@
+import { APIGatewayProxyHandler, APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda';
+import { apiResponse } from '../utils/apiResponse';
+
+export const handler: APIGatewayProxyHandler = async (_event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
+ try {
+ return apiResponse(200, {
+ message: 'Welcome to the API',
+ });
+ } catch (err) {
+ return apiResponse(500, 'Somrthing went wrong');
+ }
+};

src/lambda/imageUpload.ts

@@ -0,0 +1,72 @@
+import { APIGatewayProxyHandler, APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda';
+import { apiResponse } from '../utils/apiResponse';
+import { S3Client, PutObjectCommand } from '@aws-sdk/client-s3';
+import { accessTokenSchemaType, imageMimeSchema, imageUploadSchema } from '../utils/validators';
+import { getKey } from '../utils/apiKey';
+import { verify } from 'jsonwebtoken';
+import { base64MimeType } from '../utils/getMimeType';
+
+const client = new S3Client({ region: process.env['AWS_REGION'] as string });
+
+export const handler: APIGatewayProxyHandler = async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
+ try {
+ const { body } = event;
+ if (!body) {
+ return apiResponse(400, 'Body is required');
+ }
+ const values = JSON.parse(body);
+ const data = imageUploadSchema.safeParse(values);
+ if (!data.success) {
+ return apiResponse(400, data.error);
+ }
+ const { file, accessToken, fileName, type } = data.data;
+
+ if (!file) return apiResponse(400, 'File is required');
+
+ //Valid Image Type
+ const mimeType = base64MimeType(file);
+ const mimeData = imageMimeSchema.safeParse({ mimeType });
+ if (!mimeData.success) {
+ return apiResponse(400, mimeData.error);
+ }
+
+ //Check Valid User Token
+ const key = await getKey();
+ const decoded = verify(accessToken, key, { algorithms: ['RS256'] });
+ const { address } = decoded as accessTokenSchemaType;
+
+ //Check File Size
+ const sanitisedFile = file.replace(/^data:image\/\w+;base64,/, '');
+ const decodedFile = Buffer.from(sanitisedFile, 'base64');
+ const sizeInBytes = 4 * Math.ceil(sanitisedFile.length / 3) * 0.5624896334383812;
+ const sizeInMb = +(sizeInBytes / (1000 * 1024)).toFixed(4);
+
+ if (type === 'profile' && sizeInMb > 2) {
+ return apiResponse(400, 'Profile image size should be less than 2MB');
+ }
+
+ if (type === 'banner' && sizeInMb > 5) {
+ return apiResponse(400, 'Banner image size should be less than 5MB');
+ }
+
+ //Upload to s3
+ const date = new Date().toISOString();
+ const params = {
+ Bucket: process.env['FILE_UPLOAD_BUCKET_NAME'],
+ Key: `${address}-${fileName}-${date}.${mimeType?.split('/')[1]}`,
+ Body: decodedFile,
+ };
+
+ const command = new PutObjectCommand(params);
+ await client.send(command);
+
+ const hrefLink = `https://${command.input.Bucket}.s3.ap-south-1.amazonaws.com/${command.input.Key}`;
+ return apiResponse(200, {
+ hrefLink,
+ message: 'Image Uploaded Successfully',
+ });
+ } catch (err) {
+ console.log(err);
+ return apiResponse(401, err);
+ }
+};

src/utils/ParseEnv.ts

@@ -0,0 +1,14 @@
+import dotenv from 'dotenv';
+
+export const parseEnv = async (): Promise<dotenv.DotenvParseOutput> => {
+ // Load env vars into Serverless environment
+ // You can do more complicated env var resolution with dotenv here
+ const envVars = dotenv.config({ path: '.env' }).parsed;
+ const envObj = Object.assign(
+ {},
+ envVars // `dotenv` environment variables
+ );
+ console.log(envObj);
+
+ return envObj;
+};

src/utils/apiKey.ts

@@ -0,0 +1,14 @@
+import { JwksClient } from 'jwks-rsa';
+
+const client = new JwksClient({
+ jwksUri: process.env['JWKS_URI'] as string,
+ cache: true, // Default Value
+ cacheMaxEntries: 5, // Default value
+ cacheMaxAge: 600000, // Defaults to 10m
+});
+
+export const getKey = async () => {
+ const kid = process.env['KEY_KID'];
+ const key = await client.getSigningKey(kid);
+ return key.getPublicKey();
+};

src/utils/apiResponse.ts

@@ -0,0 +1,11 @@
+export const apiResponse = (statusCode: number, body: any) => {
+ return {
+ headers: {
+ 'Content-Type': 'application/json',
+ 'Access-Control-Allowed-Methods': '*',
+ 'Access-Control-Allow-Origin': '*',
+ },
+ statusCode,
+ body: JSON.stringify(body),
+ };
+};

src/utils/getMimeType.ts

@@ -0,0 +1,13 @@
+export const base64MimeType = (encoded: string) => {
+ let result = null;
+ if (typeof encoded !== 'string') {
+ return result;
+ }
+ const mime = encoded.match(/data:([a-zA-Z0-9]+\/[a-zA-Z0-9-.+]+).*,.*/);
+
+ if (mime && mime.length) {
+ result = mime[1];
+ }
+
+ return result;
+};