Best way to handle an image upload
❔Advice
I expose an HTTP endpoint that I use to upload images.
I chose this approach because it is simpler and more secure: in a single request I can upload the image and automatically store the related information in the database. Handling this flow using action feels less secure, since a user could bypass the second action/mutation by modifying the client-side code.
Within this endpoint, I receive an image that I would like to compress and validate as a proper image using Sharp js. However, Sharp requires a Node.js runtime, which is not available in the HTTP endpoint environment I am currently using.
The possible solutions I found are the following:
Solution 1:
Expose an endpoint on my own server that receives and process the image and then forwards the request to Convex’s HTTP endpoint. (however i have no clue how to make it safe)
Solution 2:
From the HTTP endpoint, call an action, but this approach has a 1 MB limitation on the data that can be passed.
Solution 3:
To overcome the limitation of Solution 2, i can first store the image in storage and then pass only the file ID to the action. The action would retrieve the image from storage and perform all the compression and validation steps.
Which solution would you recommend?
Or are there other, better approaches that I should consider?
I chose this approach because it is simpler and more secure: in a single request I can upload the image and automatically store the related information in the database. Handling this flow using action feels less secure, since a user could bypass the second action/mutation by modifying the client-side code.
Within this endpoint, I receive an image that I would like to compress and validate as a proper image using Sharp js. However, Sharp requires a Node.js runtime, which is not available in the HTTP endpoint environment I am currently using.
The possible solutions I found are the following:
Solution 1:
Expose an endpoint on my own server that receives and process the image and then forwards the request to Convex’s HTTP endpoint. (however i have no clue how to make it safe)
Solution 2:
From the HTTP endpoint, call an action, but this approach has a 1 MB limitation on the data that can be passed.
Solution 3:
To overcome the limitation of Solution 2, i can first store the image in storage and then pass only the file ID to the action. The action would retrieve the image from storage and perform all the compression and validation steps.
Which solution would you recommend?
Or are there other, better approaches that I should consider?
