zalavari zalavari - 1 month ago 12
Javascript Question

How to upload files to Amazon S3 with Meteor?

I'm trying to upload files to my Amazon S3 Bucket. S3 and amazon is set up.
This is the error message from Amazon:

Conflicting query string parameters: acl, policy

Policy and signature is encoded, with Crypto.js for Node.js

var crypto=Npm.require("crypto");

I'm trying to build POST request with Meteor method. This could be wrong as well.

var BucketName="mybucket";
var AWSAccessKeyId="MY_ACCES_KEY";
var AWSSecretKey="MY_SECRET_KEY";

//create policy
"expiration": "2009-01-01T00:00:00Z",
"conditions": [
{"bucket": BucketName},
["starts-with", "$key", "uploads/"],
{"acl": 'public-read'},
["starts-with", "$Content-Type", ""],
["content-length-range", 0, 1048576],
var policyBase64=encodePolicy(POLICY_JSON);
//create signature
var SIGNATURE = encodeSignature(policyBase64,AWSSecretKey);
console.log('signature: ', SIGNATURE);

This is the POST request I'm using with Meteor:

//Send data----------
var options={
console.log("and HTTP ERROR:",error);

and her I'm encoding the policy and the signature:

// stringify the policy, store it in a NodeJS Buffer object
var buffer=new Buffer(JSON.stringify(jsonPolicy));
// convert it to base64
var policy=buffer.toString("base64");
// replace "/" and "+" so that it is URL-safe.
return policy.replace(/\//g,"_").replace(/\+/g,"-");

var hmac=crypto.createHmac("sha256",secret);
return hmac.digest("hex");

A can't figure out whats going on. There might already be a problem at the POST method, or the encryption, because I don't know these methods too well. If someone could point me to the right direction, to encode, or send POST request to AmazonS3 properly, it could help a lot.

(I don't like to use, because I don't want to force the client to sign up there as well.)

Thanks in advance!!!

Answer Source

Direct uploads to S3 you can use the slingshot package:

meteor add edgee:slingshot

On the server side declare your directive:

Slingshot.createDirective("myFileUploads", Slingshot.S3Storage, {
  bucket: "mybucket",
  allowedFileTypes: ["image/png", "image/jpeg", "image/gif"],

  acl: "public-read",

  authorize: function () {
    //You can add user restrictions here
    return true;

  key: function (file) {

This directive will generate policy and signature automatically.

And them just upload it like this:

var uploader = new Slingshot.Upload("myFileUploads");

uploader.send(document.getElementById('input').files[0], function (error, url) {
  Meteor.users.update(Meteor.userId(), {$push: {"profile.files": url}});