利用STS臨時授權實現百度雲對象存儲前端大文件上傳
工具
百度雲 JavaScript SDK
百度雲 Python SDK
服務端
環境准備
-
安裝pycrypto依賴
安裝SDK之前,需要先執行命令
pip install pycrypto安裝pycrypto依賴。
如果安裝失敗,請執行pip install pycryptodome -
安裝SDK
pip install bce-python-sdk
獲取STS臨時授權DEMO
授權規則詳見官方文檔:https://cloud.baidu.com/doc/BOS/s/Tjwvysda9#臨時授權訪問
# coding: utf-8
import uuid
from baidubce.bce_client_configuration import BceClientConfiguration
from baidubce.auth.bce_credentials import BceCredentials
from baidubce import protocol
from baidubce.services.sts.sts_client import StsClient
access_key = '******'
secret_key = '******'
endpoint = 'sts.bj.baidubce.com'
def get_session_token(bucket_name, mode=None, expire=300):
"""
:param bucket_name: 桶名
:param mode: [READ/WRITE/LIST/GetObject]
:param expire: 過期時間
:return:
"""
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
sts_config = BceClientConfiguration(
credentials=BceCredentials(
access_key_id=access_key,
secret_access_key=secret_key
),
endpoint=endpoint,
protocol=getattr(protocol, 'HTTPS')
)
body = {
"accessControlList": [
{
"service": "bce:bos",
"region": "bj",
"effect": "Allow",
"resource": [f"{bucket_name}/*"],
"permission": mode or ['READ']
}
]
}
sts = StsClient(sts_config)
resp = sts.get_session_token(body, expire)
data = {
'ak': resp.access_key_id,
'sk': resp.secret_access_key,
'expire': resp.expiration,
'session_token': resp.session_token,
'bucket_name': bucket_name,
'endpoint': endpoint,
'key': uuid.uuid4.hex
}
return data
if __name__ == '__main__':
res = get_session_token('bucket-name',mode=['WRITE'], expire=86400)
print(res['ak'])
print(res['sk'])
print(res['session_token'])
# res各項 為前端往百度雲bos上傳時需要的參數
瀏覽器
環境准備
Node.js環境:
npm install @baiducloud/sdk
Node.js實現詳見官方文檔:https://cloud.baidu.com/doc/BOS/s/Djwvyrhiw
這里示例CDN引入的demo
CDN引入方式DEMO
bce-bos-uploader詳細使用規則:https://github.com/baidubce/bce-bos-uploader/
<!doctype html>
<html>
<head>
<meta charset="utf-8" />
<title>bce-bos-uploader simple demo</title>
<!--[if lt IE 8]><script src="http://websdk.cdn.bcebos.com/bos/json3/lib/json3.min.js"></script><![endif]-->
<!--[if lt IE 9]><script src="http://websdk.cdn.bcebos.com/bos/js-polyfills/es5.js"></script><![endif]-->
<!--[if lt IE 10]><script src="http://websdk.cdn.bcebos.com/bos/moxie/bin/js/moxie.js"></script><![endif]-->
<script src="https://cdn.bdstatic.com/bce-bos-uploader-lite/1.0.9/bce-bos-uploader-lite.min.js"></script>
<script src="https://cdn.bootcss.com/jquery/3.2.1/jquery.min.js"></script>
</head>
<body>
<input type="file" id="file" >
<button onclick="submit">上傳</button>
<script>
function getSTSToken(filename){
# html通過js調用后端接口拿到STS臨時授權所需的ak、sk、uptoken、bucket_name、endpoint、key等數據
var resp = null;
$.ajax(
{
type: "GET",
url: 'http://127.0.0.1:8080/sts/Token',
dataType: 'json',
data: {
filename: filename
},
async: false
}
).done(function (data) {
resp = data
});
return resp
}
var uploader = new baidubce.bos.Uploader({
browse_button: '#file',
max_file_size: '3000M',
bos_multipart_min_size: '0',
auto_start: true,
init: {
Key: function (_, file) { // 供使用者自定義key(上傳到桶里的名字),可以在這里調用服務端拿到所需參數
data = getSTSToken(file.name)
console.log(data.data)
uploader.setOptions({
bos_ak: data.data.ak,
bos_sk: data.data.sk,
uptoken: data.data.uptoken,
bos_endpoint: data.data.endpoint,
bos_bucket: data.data.bucket_name,
})
return data.data.key
},
FileUploaded: function (_, file, info) {
// 文件上傳成功之后,調用這個函數
console.log(info.body);
// 處理成功的業務邏輯
},
Error: function (_, error, file) {
// 如果上傳的過程中出錯了,調用這個函數
},
}
})
function submit(){
uploader.start()
}
</script>
</body>
</html>