Working with File Uploads in Node.js
Learn how to handle file uploads using popular middleware and optimize file processing in your Node.js application.
0 likes
3 views
Rule Content
{
"title": "Working with File Uploads in Node.js",
"description": "Learn how to handle file uploads using popular middleware and optimize file processing in your Node.js application.",
"category": "Node.js Cursor Rules",
"rules": [
{
"name": "Use Multer for Handling File Uploads",
"description": "Implement Multer middleware to manage `multipart/form-data` for efficient file uploads in Express applications.",
"code": "const multer = require('multer');\nconst upload = multer({ dest: 'uploads/' });\napp.post('/upload', upload.single('file'), (req, res) => {\n res.send('File uploaded successfully');\n});"
},
{
"name": "Set File Size Limits",
"description": "Configure Multer to limit the size of uploaded files to prevent resource exhaustion and enhance security.",
"code": "const upload = multer({\n dest: 'uploads/',\n limits: { fileSize: 2 * 1024 * 1024 } // 2 MB\n});"
},
{
"name": "Validate File Types",
"description": "Use Multer's `fileFilter` option to restrict uploads to specific file types, ensuring only allowed formats are processed.",
"code": "const upload = multer({\n dest: 'uploads/',\n fileFilter: (req, file, cb) => {\n const allowedTypes = ['image/jpeg', 'image/png', 'image/gif'];\n if (allowedTypes.includes(file.mimetype)) {\n cb(null, true);\n } else {\n cb(new Error('Invalid file type'), false);\n }\n }\n});"
},
{
"name": "Implement Secure File Storage Practices",
"description": "Generate safe filenames and store uploaded files in directories with appropriate permissions to prevent unauthorized access.",
"code": "const crypto = require('crypto');\nconst path = require('path');\nconst fs = require('fs');\nconst generateSafeFilename = (originalName) => {\n const ext = path.extname(originalName);\n const baseName = path.basename(originalName, ext);\n const sanitizedBase = baseName.replace(/[^a-z0-9]/gi, '_').substring(0, 50);\n const randomHash = crypto.randomBytes(4).toString('hex');\n return `${sanitizedBase}_${randomHash}${ext}`;\n};\nconst uploadDir = path.join(__dirname, 'uploads');\nfs.mkdirSync(uploadDir, { recursive: true, mode: 0o755 });\nconst storage = multer.diskStorage({\n destination: uploadDir,\n filename: (req, file, cb) => {\n cb(null, generateSafeFilename(file.originalname));\n }\n});\nconst upload = multer({ storage });"
},
{
"name": "Optimize Middleware Usage",
"description": "Apply middleware only to specific routes where necessary to minimize overhead and improve performance.",
"code": "app.use('/upload', upload.single('file'), (req, res) => {\n res.send('File uploaded successfully');\n});"
},
{
"name": "Implement Rate Limiting for File Uploads",
"description": "Use rate limiting middleware to prevent abuse and ensure fair usage of file upload endpoints.",
"code": "const rateLimit = require('express-rate-limit');\nconst uploadLimiter = rateLimit({\n windowMs: 60 * 1000, // 1 minute\n max: 5 // Max 5 uploads per minute\n});\napp.post('/upload', uploadLimiter, upload.single('file'), (req, res) => {\n res.send('File uploaded successfully');\n});"
},
{
"name": "Serve Files Securely",
"description": "Place the `uploads` directory outside the web root in production and serve files only after validating permissions.",
"code": "const path = require('path');\napp.get('/uploads/:filename', (req, res) => {\n const filePath = path.join(__dirname, 'uploads', req.params.filename);\n // Add permission checks here\n res.sendFile(filePath);\n});"
},
{
"name": "Monitor and Benchmark Middleware",
"description": "Use monitoring tools to identify performance bottlenecks in middleware and optimize accordingly.",
"code": "const expressStatusMonitor = require('express-status-monitor');\napp.use(expressStatusMonitor());"
}
]
}