@bunbase-ae/js 2.3.1 → 2.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/storage.ts +21 -16
package/package.json
CHANGED
package/src/storage.ts
CHANGED
|
@@ -24,6 +24,10 @@ export interface SignedUploadResult {
|
|
|
24
24
|
url: string;
|
|
25
25
|
key: string;
|
|
26
26
|
expires_in: number;
|
|
27
|
+
// HMAC-signed token binding this sign call to the caller. S3 provider only
|
|
28
|
+
// — `null` for local (no confirm step). Required by /storage/confirm so the
|
|
29
|
+
// server can use server-signed metadata instead of trusting the client.
|
|
30
|
+
confirm_token: string | null;
|
|
27
31
|
}
|
|
28
32
|
|
|
29
33
|
export class StorageClient {
|
|
@@ -121,7 +125,7 @@ export class StorageClient {
|
|
|
121
125
|
options: UploadOptions & { expiresIn?: number } = {},
|
|
122
126
|
): Promise<FileRecord> {
|
|
123
127
|
const filename = file instanceof File ? file.name : `upload-${Date.now()}`;
|
|
124
|
-
const { url,
|
|
128
|
+
const { url, confirm_token } = await this.signedUpload(filename, {
|
|
125
129
|
...options,
|
|
126
130
|
contentType: file.type || "application/octet-stream",
|
|
127
131
|
});
|
|
@@ -146,39 +150,40 @@ export class StorageClient {
|
|
|
146
150
|
}
|
|
147
151
|
|
|
148
152
|
// S3 provider: PUT succeeded (200/204) — register metadata with BunBase.
|
|
153
|
+
// The server uses the HMAC-signed token's fields as the source of truth;
|
|
154
|
+
// `size`, `collection`, `recordId` are the only body fields still honoured.
|
|
155
|
+
if (!confirm_token) {
|
|
156
|
+
throw new BunBaseError(
|
|
157
|
+
"Missing confirm_token in sign response — server may be running a pre-#231 build.",
|
|
158
|
+
500,
|
|
159
|
+
null,
|
|
160
|
+
);
|
|
161
|
+
}
|
|
149
162
|
return this.confirmUpload({
|
|
150
|
-
|
|
151
|
-
bucket: options.bucket,
|
|
152
|
-
filename,
|
|
163
|
+
confirmToken: confirm_token,
|
|
153
164
|
collection: options.collection,
|
|
154
165
|
recordId: options.recordId,
|
|
155
|
-
isPublic: options.isPublic,
|
|
156
|
-
mimeType: file.type || "application/octet-stream",
|
|
157
166
|
size: file.size,
|
|
158
167
|
});
|
|
159
168
|
}
|
|
160
169
|
|
|
161
170
|
// Confirm an S3 presigned upload by registering the file metadata in BunBase.
|
|
162
171
|
// Not needed for local provider (the PUT handler registers metadata automatically).
|
|
172
|
+
//
|
|
173
|
+
// `confirmToken` (from the sign response) is required — it carries the
|
|
174
|
+
// server-signed key / bucket / is_public / mime_type / owner. Body fields
|
|
175
|
+
// outside `size`, `collection`, `recordId` are ignored by the server.
|
|
163
176
|
async confirmUpload(options: {
|
|
164
|
-
|
|
165
|
-
bucket?: string;
|
|
166
|
-
filename?: string;
|
|
177
|
+
confirmToken: string;
|
|
167
178
|
collection?: string;
|
|
168
179
|
recordId?: string;
|
|
169
|
-
isPublic?: boolean;
|
|
170
|
-
mimeType?: string;
|
|
171
180
|
size?: number;
|
|
172
181
|
}): Promise<FileRecord> {
|
|
173
182
|
return this.http.request<FileRecord>("POST", "/api/v1/storage/confirm", {
|
|
174
183
|
body: {
|
|
175
|
-
|
|
176
|
-
bucket: options.bucket,
|
|
177
|
-
filename: options.filename,
|
|
184
|
+
confirm_token: options.confirmToken,
|
|
178
185
|
collection: options.collection,
|
|
179
186
|
record_id: options.recordId,
|
|
180
|
-
is_public: options.isPublic,
|
|
181
|
-
mime_type: options.mimeType,
|
|
182
187
|
size: options.size,
|
|
183
188
|
},
|
|
184
189
|
});
|