Middleware for securing file uploads.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.idea
lib
test
.gitignore
.travis.yml
LICENSE
README.md
analysis_options.yaml
pubspec.yaml

README.md

file_security

Pub build status

Middleware for securing file uploads.

Supports:

  • Max file sizes
  • Max # of uploaded files
  • Restrict to certain extensions
  • Restrict to certain content types
  • Virus scan uploaded files via VirusTotal*

Your file upload API's can also be protected with throttleRequests from angel_security.

*Note: See VirusTotal's TOS. They do not allow use of their public API in commercial products. However, you can pay to use their private API.

Usage

import 'package:angel_framework/angel_framework.dart';
import 'package:angel_file_security/angel_file_security.dart';
import 'package:http/http.dart' as http;

Future configureServer(Angel app) async {
  var middleware = restrictFileUploads(
    maxFiles: 3,
    maxFileSize: 2000,
    allowedExtensions: ['.jpg', '.png', '.gif'],
    allowedContentTypes: ['image/jpeg', 'image/png', 'image/gif'],
  );
  
  var virusScanner = new VirusTotalScanner(
    '<your-api-key>',
    new http.Client(),
  );
  
  app
    .chain([middleware, virusScanner.handleRequest])
    .post('/api/upload', (req, res) {
      // Secure...
    });
}