The state of Meteor and AWS S3 file upload?

+1 for slingshot. Using it on both mobile and web for photo uploading in 1.4

It still does work normally, I use it in my app.

Meteor 1.4+ and using Slingshot in two apps.

If you look at the source code for Slingshot, it doesn’t do anything too magical; it uses standard javascript APIs. The only “complexity” is getting the tokens from the server, which don’t inherently have anything to do with slingshot itself, but more so the service you are using (AWS, Cloudinary, whatever).

I only mention this because I had the same worry: using an outdated/unmaintained package. I looked at the sourcecode… it would be very easy to move off of it and roll your own. When I had to do a custom implementation to upload to Cloudinary, I was really apprehensive and worried about it, but was able to do it in an hour or so with Slingshot. And I promise you I am by no means a wizard.

Thanks @moberegger, that’s the information I was hoping for! I didn’t dig in the source code to check it out, which I should’ve done.

Slingshot seems to be used by most here, so I’m much more confident about this decision, thanks !

@M4v3R, sadly knox doesn’t support new AWS servers, so no love for Frankfurt, which is the one I need to use!

Meteor-Files https://github.com/VeliovGroup/Meteor-Files could be another option that seems solid.

1 Like

I ended up using Meteor-Files but you have to write the AWS integration yourself. I wanted to crop/scale client-side before uploading and I couldn’t get slingshot to work with the edited files. Meteor-files is “simply upload/store/serve files to/from server” and everything else, like upload to third-party storage is diy. They have a dated example which actually worked for me. I had also tried a variety of different NPM image/file manipulation packages with no luck for my use case.

1 Like

Anybody can explain to less experiences how Slingshot image API talks to AWS in terms of encryption?

  1. Do we need to have our app page served from HTTPS?

  2. Is there an encryption with public key that encrypt messages from our app server to AWS (for tokens) and from client to AWS (for files), so no need to have a secure connection?

  3. About when we use files (such as images displayed in our app) (from AWS to our app): Do we just need to declare the URL (from another domain) in our Browser rules, but if our app is HTTPS, I suppose AWS should be HTTPS too, no? But it is not of the same session, same server. I do not know how security can work.

  4. Same thing for simply downloading files from the app, not displaying it.

Thanks,
Marc

1 Like

I did not try them, but there are also some Youtube videos about Slingshot.

Yep, we’re using Slingshot in our production app as well. Works very well with no issues!

We are getting ready to migrate our app from CFS:gridFS to Slingshot. Glad to hear all of the success stories.

1 Like

Structural question for those of you using Slingshot:

In a typical file structure like this:

  • server/
  • client/
  • imports/
  • api/
  • startup/
  • ui/

Where do you write the Directives, so that it’s accessible on both sides, and where do you add the file restrictions in a DRY way?

2 Likes

I have my app set up like this:

  • imports/startup
  • client
    • S3.config.js (with file restrictions)
  • server
    • S3.config.js (with Directives - directive contains file restrictions as well as per documentation)

I guess it does repeat the two lines for the restrictions… but I’m not losing sleep over it.

1 Like

Hello Guyz,
Migrated from cfs:s3 to slingshot ofcourse it is fab but in my case I am doing bulk upload of images and the images are around 250.

Some images are failed to upload and giving me error —> “error : failed to upload file to cloud storage [-0]”. Anyone know why it is throwing such a error.

Thanks in Advance!

I am doing bulk upload of around 250 images and some images are failing . Ended up with “error : failed to upload file to cloud storage [-0]”. Any idea why it this error is coming? Thanks in advance!

I’ve implement slingshot successfully, without using temporary AWS Credentials, however, when I try to implement it with temporary AWS Credentials, following this example, my application errors on the server with InvalidClientTokenId: The security token included in the request is invalid..

The problem appears to be with

var sts = new AWS.STS();
sts.getSessionToken({
  DurationSeconds: duration
}, function (error, result) {
  console.log('error', error);
  callback(error, result && result.Credentials);
});

If anyone could provide some insight into what could be causing thisI would appreciate it. I have an IAM account.

1 Like

@florianbienefelt

Question - Are you still using Slingshot? Did you ever get Evaporatejs working eventually? If not, what was the issue you were having?

This is a result of spending many days trying and also failing to make it work: File uploads - From Slingshot to EvaporateJS

+1 for slingshot. Using it on both mobile and web with the latest Meteor version.

I’m using my fork https://atmospherejs.com/tecsinapse/slingshot to have more control over progress.

Amazon provides an npm package containing an official SDK you can use to communicate with their services. In the case of S3, they have a feature called pre-signed URLs you can use. With this, clients (web browsers) will simply send a request to your meteor app (e.g. using a method), then your meteor app can use the SDK to ask S3 to generate a pre-signed URL that can be used to upload a file to a specific bucket with a specific key. Then you send back this pre-signed URL to the client (the web browser) which then can upload the file directly to S3 using this pre-signed URL.

This way, your meteor app will never receive the file, which gives the app quite a small load, but on the other hand the clients can upload whatever files they want to S3 (you might expect them to upload an image (a png file), but they upload a song instead (an mp3 file). That might or might not be a problem for you. If you need to verify this you could use a cloud lambda function that runs each time a new file is uploaded to your S3 bucket to verify this.

2 Likes

This is similar to how Slingshot works.

I personally user evaporate JS which does exactly what you describe, but with a fair few extra features that are helpful. I’d look into it (and anyone can feel free to let me know if they need help). I know it took me a while to get it working just right…

+1 to slingshot , using it on google , previously used it for amazon but moved out of amazon .