Custom image upload

S3 API improvements and additional security measures

package.json

@@ -5,13 +5,14 @@
   "private": true,
   "scripts": {
     "dev": "vite dev",
+    "generate": "drizzle-kit generate:pg --config drizzle.config.ts",
+    "migrate": "drizzle-kit push:pg --config drizzle.config.ts",
+    "minio": "cd minio && docker-compose up",
     "build": "vite build",
     "preview": "vite preview",
     "check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
     "check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
     "studio": "drizzle-kit studio --config drizzle.config.ts",
-    "generate": "drizzle-kit generate:pg --config drizzle.config.ts",
-    "migrate": "drizzle-kit push:pg --config drizzle.config.ts",
     "seed": "node seed.js"
   },
   "devDependencies": {

src/lib/components/AdventureCard.svelte

@@ -42,12 +42,20 @@
 >
   <figure>
     <!-- svelte-ignore a11y-img-redundant-alt -->
-    <img
-      src={adventure.imageUrl ||
-        "https://placehold.co/300?text=No%20Image%20Found&font=roboto"}
-      alt="No image available"
-      class="w-full h-48 object-cover"
-    />
+    {#if adventure.imageUrl && adventure.imageUrl !== ""}
+      <img
+        src="/cdn/adventures/{adventure.imageUrl}"
+        alt="No image available"
+        class="w-full h-48 object-cover"
+        crossorigin="anonymous"
+      />
+    {:else}
+      <img
+        src={"https://placehold.co/300?text=No%20Image%20Found&font=roboto"}
+        alt="No image available"
+        class="w-full h-48 object-cover"
+      />
+    {/if}
   </figure>
 
   <div class="card-body">

src/lib/components/CreateNewAdventure.svelte

@@ -18,8 +18,11 @@
   import { onMount } from "svelte";
   import { addActivityType, generateDescription, getImage } from "$lib";
   import AutoComplete from "./AutoComplete.svelte";
+  import ImageModal from "./ImageModal.svelte";
   let modal: HTMLDialogElement;
 
+  let isImageModalOpen: boolean = false;
+
   let activityTypes: string[] = [];
 
   $: selected = "";
@@ -80,24 +83,28 @@
     }
   }
 
-  async function searchImage() {
-    try {
-      const imageUrl = await getImage(newAdventure.name);
-      newAdventure.imageUrl = imageUrl;
-    } catch (error) {
-      console.error(error);
-      // Handle the error
-    }
-  }
-
   let activityInput: string = "";
 
   function activitySetup() {
     newAdventure = addActivityType(activityInput, newAdventure);
     activityInput = "";
   }
+
+  function upload(e: CustomEvent<any>) {
+    let key = e.detail;
+    console.log("EE" + key);
+    newAdventure.imageUrl = key;
+  }
 </script>
 
+{#if isImageModalOpen}
+  <ImageModal
+    name={newAdventure.name}
+    on:submit={upload}
+    on:close={() => (isImageModalOpen = false)}
+  />
+{/if}
+
 <dialog id="my_modal_1" class="modal">
   <!-- svelte-ignore a11y-no-noninteractive-element-interactions -->
   <!-- svelte-ignore a11y-no-noninteractive-tabindex -->
@@ -175,13 +182,15 @@
           />
         </div>
         <div>
-          <label for="rating">Image URL</label>
-          <input
-            type="url"
-            id="iamgeUrl"
-            bind:value={newAdventure.imageUrl}
-            class="input input-bordered w-full max-w-xs"
-          />
+          <button
+            type="button"
+            class="btn btn-secondary"
+            on:click={() => {
+              isImageModalOpen = true;
+            }}
+          >
+            Upload Image
+          </button>
         </div>
 
         <button
@@ -196,9 +205,6 @@
         <button class="btn btn-secondary" on:click={generate}
           >Generate Description</button
         >
-        <button class="btn btn-secondary" on:click={searchImage}
-          >Search for Image</button
-        >
       </div>
     </div>
   </div>

src/lib/components/EditModal.svelte

@@ -6,6 +6,7 @@
   import { onMount } from "svelte";
   import { addActivityType, generateDescription, getImage } from "$lib";
   import AutoComplete from "./AutoComplete.svelte";
+  import ImageModal from "./ImageModal.svelte";
   let modal: HTMLDialogElement;
 
   console.log(adventureToEdit.id);
@@ -87,8 +88,24 @@
       // Handle the error
     }
   }
+
+  let isImageModalOpen: boolean = false;
+
+  function upload(e: CustomEvent<any>) {
+    let key = e.detail;
+    console.log("EE" + key);
+    adventureToEdit.imageUrl = key;
+  }
 </script>
 
+{#if isImageModalOpen}
+  <ImageModal
+    name={adventureToEdit.name}
+    on:submit={upload}
+    on:close={() => (isImageModalOpen = false)}
+  />
+{/if}
+
 <dialog id="my_modal_1" class="modal">
   <!-- svelte-ignore a11y-no-noninteractive-element-interactions -->
   <!-- svelte-ignore a11y-no-noninteractive-tabindex -->
@@ -163,13 +180,15 @@
           />
         </div>
         <div>
-          <label for="rating">Image URL</label>
-          <input
-            type="url"
-            id="imageUrl"
-            bind:value={adventureToEdit.imageUrl}
-            class="input input-bordered w-full max-w-xs"
-          />
+          <button
+            type="button"
+            class="btn btn-secondary"
+            on:click={() => {
+              isImageModalOpen = true;
+            }}
+          >
+            Upload Image
+          </button>
         </div>
         <button class="btn btn-primary mr-4 mt-4" on:click={submit}>Save</button
         >

src/lib/components/ImageModal.svelte

@@ -0,0 +1,160 @@
+<script lang="ts">
+  import { getImage } from "$lib";
+  import { createEventDispatcher } from "svelte";
+  import { onMount } from "svelte";
+  let modal: HTMLDialogElement;
+  export let name: string;
+
+  let viewType: string = "upload";
+
+  let imageUrl: string = "";
+
+  let imageFile: File | null = null;
+
+  let key: string;
+
+  const dispatch = createEventDispatcher();
+
+  onMount(() => {
+    modal = document.getElementById("my_modal_1") as HTMLDialogElement;
+    if (modal) {
+      modal.showModal();
+    }
+  });
+
+  function close() {
+    dispatch("close");
+  }
+
+  async function submit() {
+    try {
+      let key: string;
+      if (viewType === "url") {
+        // Get image from URL
+        const response = await fetch(imageUrl);
+        const blob = await response.blob();
+
+        const uploadResponse = await fetch("/api/upload", {
+          method: "POST",
+          body: blob,
+          headers: {
+            bucket: "adventures",
+            type: "adventure",
+            "Content-Type": blob.type,
+          },
+        });
+
+        const result = await uploadResponse.json();
+        key = result.key;
+        console.log(result);
+      } else if (imageFile) {
+        // Get the image from the file input
+
+        const uploadResponse = await fetch("/api/upload", {
+          method: "POST",
+          body: imageFile,
+          headers: {
+            bucket: "adventures",
+            type: "adventure",
+            "Content-Type": imageFile.type,
+          },
+        });
+
+        const result = await uploadResponse.json();
+        key = result.key;
+        console.log(result);
+      } else {
+        console.error("No file selected for upload");
+        return;
+      }
+
+      dispatch("submit", key);
+      close();
+    } catch (error) {
+      console.error("Error during submission", error);
+    }
+  }
+
+  function handleKeydown(event: KeyboardEvent) {
+    if (event.key === "Escape") {
+      close();
+    }
+  }
+
+  function setViewType(type: string) {
+    viewType = type;
+  }
+
+  function handleFileChange(event: Event) {
+    const target = event.target as HTMLInputElement;
+    if (target.files && target.files.length > 0) {
+      imageFile = target.files[0];
+    }
+  }
+
+  async function searchImage() {
+    try {
+      imageUrl = await getImage(name);
+    } catch (error) {
+      console.error(error);
+      // Handle the error
+    }
+  }
+</script>
+
+<dialog id="my_modal_1" class="modal">
+  <!-- svelte-ignore a11y-no-noninteractive-element-interactions -->
+  <!-- svelte-ignore a11y-no-noninteractive-tabindex -->
+  <div class="modal-box" role="dialog" on:keydown={handleKeydown} tabindex="0">
+    <h3 class="font-bold text-lg">Image Upload</h3>
+    <div class="join items-center justify-center flex mb-8">
+      <input
+        class="join-item btn btn-neutral"
+        type="radio"
+        name="upload"
+        checked
+        aria-label="Upload File"
+        on:click={() => setViewType("upload")}
+      />
+      <input
+        class="join-item btn btn-neutral"
+        type="radio"
+        name="upload"
+        aria-label="Url"
+        on:click={() => setViewType("url")}
+      />
+    </div>
+    {#if viewType == "url"}
+      <button class="btn btn-secondary" on:click={searchImage}
+        >Search for Image</button
+      >
+      <form method="dialog" style="width: 100%;" class="mb-4">
+        <div>
+          <label for="rating">Image URL</label>
+          <input
+            type="text"
+            id="imageUrl"
+            bind:value={imageUrl}
+            placeholder="Enter the URL of the image"
+          />
+        </div>
+      </form>
+    {/if}
+    {#if viewType == "upload"}
+      <form method="dialog" style="width: 100%;" class="mb-4">
+        <div>
+          <label for="rating">Image Upload</label>
+          <input
+            type="file"
+            id="imageFile"
+            on:change={handleFileChange}
+            placeholder="Upload an image file"
+          />
+        </div>
+      </form>
+    {/if}
+
+    <button class="btn btn-neutral" on:click={close}>Close</button>
+    <button class="btn btn-primary" on:click={submit}>Submit</button>
+  </div>
+</dialog>

src/routes/api/upload/+server.ts

@@ -64,7 +64,7 @@ export async function POST(event: RequestEvent): Promise<Response> {
       "Content-Type": contentType,
     };
 
-    const allowedBuckets = ["backgrounds", "profile-pics"];
+    const allowedBuckets = ["backgrounds", "profile-pics", "adventures"];
 
     if (!allowedBuckets.includes(bucket)) {
       return new Response(JSON.stringify({ error: "Invalid bucket name" }), {