Thanks Janko for your awesome work on Shrine.
We are attempting to integrate CloudFlare Stream in our application for our users. CloudFlare Stream provides a tus server endpoint which videos can be uploaded to. This works great with Uppy, and we can then store the metadata and attachment url in Shrine by passing uploaded data to a hidden field on upload success with our Rails app.
We wish we could stop there, but unfortunately CloudFlare’s authentication is a static API key which is then exposed in our frontend JS with Uppy, so we cannot upload directly to the CloudFlare tus endpoint or we risk users being able to take our API token and abuse it for unlimited CloudFlare Stream access anywhere.
To get around this and keep our account secure, we’d like to upload to S3 as a cache storage and then use our Shrine uploader to pass the data to the CloudFlare tus server as the permanent storage when the record is saved.
I’m not sure how to do this though. Everything I have read uses the tus server as the cache storage which makes sense, but unfortunately we can’t do this with CloudFlare because they haven’t implemented something like signature authentication that Transloadit uses to use Uppy securely.
If what I need to do is take the URL of the file in the cache storage and pass it to CloudFlare’s tus endpoint with an authorization header, and then get the storage URL and metadata from the response to set the attachment attributes, how would this look in my uploader? (I don’t know if the promote method would even be the correct way to do this because I don’t want my webserver to use resources reading the data, I simply want to pass the cache store URL to CloudFlare’s endpoint and get CloudFlare’s response to save)
Finally, I am still using Shrine version 2 if it changes anything.