file_security

Pub build status

Middleware for securing file uploads.

Supports:

  • Max file sizes
  • Max # of uploaded files
  • Restrict to certain extensions
  • Restrict to certain content types
  • Virus scan uploaded files via VirusTotal*

Your file upload API's can also be protected with throttleRequests from angel_security.

**Note*: See VirusTotal's TOS. They do not allow use of their public API in commercial products. However, you can pay to use their private API.

Usage

import 'package:angel_framework/angel_framework.dart';
import 'package:angel_file_security/angel_file_security.dart';
import 'package:http/http.dart' as http;

Future configureServer(Angel app) async {
  var middleware = restrictFileUploads(
    maxFiles: 3,
    maxFileSize: 2000,
    allowedExtensions: ['.jpg', '.png', '.gif'],
    allowedContentTypes: ['image/jpeg', 'image/png', 'image/gif'],
  );
  
  var virusScanner = new VirusTotalScanner(
    '<your-api-key>',
    new http.Client(),
  );
  
  app
    .chain([middleware, virusScanner.handleRequest])
    .post('/api/upload', (req, res) {
      // Secure...
    });
}

Libraries

angel_file_security