https://han-gr.github.io/tags/%E5%AF%B9%E8%B1%A1%E5%AD%98%E5%82%A8/Recent content in 对象存储 on HanGR的碎碎念Hugo -- gohugo.iozh-cnThu, 05 Dec 2024 00:00:00 +0000https://han-gr.github.io/p/2024-12-05-cloudflare-r2-%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E5%AE%9E%E6%88%98%E7%94%A8%E6%88%B7%E4%B8%8A%E4%BC%A0%E4%B8%8E-cms-%E5%9B%BE%E7%89%87%E5%88%86%E6%A1%B6%E7%AE%A1%E7%90%86/Thu, 05 Dec 2024 00:00:00 +0000https://han-gr.github.io/p/2024-12-05-cloudflare-r2-%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E5%AE%9E%E6%88%98%E7%94%A8%E6%88%B7%E4%B8%8A%E4%BC%A0%E4%B8%8E-cms-%E5%9B%BE%E7%89%87%E5%88%86%E6%A1%B6%E7%AE%A1%E7%90%86/<img src="https://han-gr.github.io/p/2024-12-05-cloudflare-r2-%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E5%AE%9E%E6%88%98%E7%94%A8%E6%88%B7%E4%B8%8A%E4%BC%A0%E4%B8%8E-cms-%E5%9B%BE%E7%89%87%E5%88%86%E6%A1%B6%E7%AE%A1%E7%90%86/R2.jpg" alt="Featured image of post Cloudflare R2 文件上传实战：用户上传与 CMS 图片分桶管理" /> <blockquote> <p>Workers 没有文件系统，所有文件都得存 R2。聊聊用户上传和 CMS 图片管理的完整方案。</p> </blockquote> <h2 id="为什么用-r2">为什么用 R2 </h2><p>Cloudflare Workers 没有文件系统，不能像 Node.js 那样 <code>fs.writeFile()</code>。R2 是 Cloudflare 的对象存储，兼容 S3 API：</p> <ul> <li>全球分布式，边缘节点就近访问</li> <li>无出口流量费（对比 S3 的 0.09/GB）</li> <li>与 Workers 天然集成，零配置</li> </ul> <h2 id="分桶策略">分桶策略 </h2><p>RuiToolAI 用两个 R2 Bucket 隔离不同用途的文件：</p> <table> <thead> <tr> <th>Bucket</th> <th>用途</th> <th>访问权限</th> </tr> </thead> <tbody> <tr> <td><code>IMAGES_R2</code></td> <td>CMS 图片（运营上传）</td> <td>公开读取</td> </tr> <tr> <td><code>USER_UPLOADS_BUCKET</code></td> <td>用户上传的文件</td> <td>需认证</td> </tr> </tbody> </table> <p>分桶的好处：</p> <ul> <li>权限隔离：CMS 图片公开访问，用户文件需要鉴权</li> <li>成本隔离：可以分别设置生命周期策略</li> <li>数据隔离：不会因为用户上传影响 CMS 内容</li> </ul> <h2 id="cms-图片上传">CMS 图片上传 </h2><p>CMS 图片上传流程：</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span><span class="lnt">26 </span><span class="lnt">27 </span><span class="lnt">28 </span><span class="lnt">29 </span><span class="lnt">30 </span><span class="lnt">31 </span><span class="lnt">32 </span><span class="lnt">33 </span><span class="lnt">34 </span><span class="lnt">35 </span><span class="lnt">36 </span><span class="lnt">37 </span><span class="lnt">38 </span><span class="lnt">39 </span><span class="lnt">40 </span><span class="lnt">41 </span><span class="lnt">42 </span><span class="lnt">43 </span><span class="lnt">44 </span><span class="lnt">45 </span><span class="lnt">46 </span><span class="lnt">47 </span><span class="lnt">48 </span><span class="lnt">49 </span><span class="lnt">50 </span><span class="lnt">51 </span><span class="lnt">52 </span><span class="lnt">53 </span><span class="lnt">54 </span><span class="lnt">55 </span><span class="lnt">56 </span><span class="lnt">57 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-typescript" data-lang="typescript"><span class="line"><span class="cl"><span class="c1">// src/actions/upload-image.action.ts </span></span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="kr">export</span> <span class="kr">const</span> <span class="nx">uploadImageAction</span> <span class="o">=</span> <span class="nx">actionClient</span> </span></span><span class="line"><span class="cl"> <span class="p">.</span><span class="nx">inputSchema</span><span class="p">(</span><span class="nx">uploadImageSchema</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="p">.</span><span class="nx">action</span><span class="p">(</span><span class="kr">async</span> <span class="p">({</span> <span class="nx">parsedInput</span>: <span class="kt">input</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="nx">withRateLimit</span><span class="p">(</span><span class="kr">async</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="c1">// 1. 权限检查：必须是管理员 </span></span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">session</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">requireAdmin</span><span class="p">({</span> <span class="nx">doNotThrowError</span>: <span class="kt">true</span> <span class="p">});</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">session</span><span class="o">?</span><span class="p">.</span><span class="nx">user</span><span class="o">?</span><span class="p">.</span><span class="nx">id</span><span class="p">)</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">throw</span> <span class="k">new</span> <span class="nx">ActionError</span><span class="p">(</span><span class="s2">&#34;FORBIDDEN&#34;</span><span class="p">,</span> <span class="s2">&#34;You must be logged in&#34;</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> <span class="p">}</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="p">{</span> <span class="nx">file</span><span class="p">,</span> <span class="nx">collection</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">input</span><span class="p">;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1">// 2. 文件大小校验 </span></span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="p">(</span><span class="nx">file</span><span class="p">.</span><span class="nx">size</span> <span class="o">&gt;</span> <span class="nx">CMS_IMAGE_MAX_FILE_SIZE</span><span class="p">)</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">throw</span> <span class="k">new</span> <span class="nx">ActionError</span><span class="p">(</span><span class="s2">&#34;INPUT_PARSE_ERROR&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="sb">`File size exceeds maximum of </span><span class="si">${</span><span class="nx">CMS_IMAGE_MAX_FILE_SIZE</span> <span class="o">/</span> <span class="mi">1024</span> <span class="o">/</span> <span class="mi">1024</span><span class="si">}</span><span class="sb">MB`</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> <span class="p">}</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1">// 3. 文件类型校验（检查 magic bytes，不是 MIME type） </span></span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">arrayBuffer</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nx">arrayBuffer</span><span class="p">();</span> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">detectedType</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">fileTypeFromBuffer</span><span class="p">(</span><span class="nx">arrayBuffer</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">detectedType</span> <span class="o">||</span> <span class="o">!</span><span class="nx">CMS_ALLOWED_IMAGE_TYPES</span><span class="p">.</span><span class="nx">includes</span><span class="p">(</span><span class="nx">detectedType</span><span class="p">.</span><span class="nx">mime</span><span class="p">))</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">throw</span> <span class="k">new</span> <span class="nx">ActionError</span><span class="p">(</span><span class="s2">&#34;INPUT_PARSE_ERROR&#34;</span><span class="p">,</span> <span class="s2">&#34;Invalid file type&#34;</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> <span class="p">}</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1">// 4. 生成唯一文件名 </span></span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">uniqueFilename</span> <span class="o">=</span> <span class="nx">generateUniqueFilename</span><span class="p">({</span> </span></span><span class="line"><span class="cl"> <span class="nx">originalFilename</span>: <span class="kt">file.name</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">extension</span>: <span class="kt">detectedType.ext</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="p">});</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1">// 5. 上传到 R2 </span></span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">r2Key</span> <span class="o">=</span> <span class="nx">getCmsImageR2Key</span><span class="p">({</span> <span class="nx">collection</span><span class="p">,</span> <span class="nx">filename</span>: <span class="kt">uniqueFilename</span> <span class="p">});</span> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="p">{</span> <span class="nx">env</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">getCloudflareContext</span><span class="p">();</span> </span></span><span class="line"><span class="cl"> <span class="k">await</span> <span class="nx">env</span><span class="p">.</span><span class="nx">IMAGES_R2</span><span class="p">.</span><span class="nx">put</span><span class="p">(</span><span class="nx">r2Key</span><span class="p">,</span> <span class="nx">arrayBuffer</span><span class="p">,</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="nx">httpMetadata</span><span class="o">:</span> <span class="p">{</span> <span class="nx">contentType</span>: <span class="kt">detectedType.mime</span> <span class="p">},</span> </span></span><span class="line"><span class="cl"> <span class="p">});</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="c1">// 6. 记录到 CMS 媒体库 </span></span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">publicUrl</span> <span class="o">=</span> <span class="nx">getCmsImagePublicUrl</span><span class="p">(</span><span class="nx">r2Key</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> <span class="k">await</span> <span class="nx">db</span><span class="p">.</span><span class="nx">insert</span><span class="p">(</span><span class="nx">cmsMediaTable</span><span class="p">).</span><span class="nx">values</span><span class="p">({</span> </span></span><span class="line"><span class="cl"> <span class="nx">filename</span>: <span class="kt">uniqueFilename</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">originalFilename</span>: <span class="kt">file.name</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">r2Key</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">publicUrl</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">mimeType</span>: <span class="kt">detectedType.mime</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">fileSize</span>: <span class="kt">file.size</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">uploadedBy</span>: <span class="kt">session.user.id</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">collection</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="p">});</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="p">{</span> <span class="nx">url</span>: <span class="kt">publicUrl</span> <span class="p">};</span> </span></span><span class="line"><span class="cl"> <span class="p">},</span> <span class="nx">RATE_LIMITS</span><span class="p">.</span><span class="nx">SETTINGS</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> <span class="p">});</span> </span></span></code></pre></td></tr></table> </div> </div><p>关键设计：</p> <ul> <li><strong>magic bytes 校验</strong>：用 <code>file-type</code> 库检查文件的实际内容，而不是信任 <code>Content-Type</code> 头</li> <li><strong>唯一文件名</strong>：<code>{cuid2}-{sanitized-filename}.ext</code>，避免冲突</li> <li><strong>文件名清理</strong>：<code>sanitizeFilename</code> 去掉路径分隔符和特殊字符</li> <li><strong>记录到数据库</strong>：媒体库需要可搜索、可管理</li> </ul> <h2 id="用户文件上传">用户文件上传 </h2><p>用户上传的文件存到 <code>USER_UPLOADS_BUCKET</code>，按用户 ID 隔离：</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span><span class="lnt">26 </span><span class="lnt">27 </span><span class="lnt">28 </span><span class="lnt">29 </span><span class="lnt">30 </span><span class="lnt">31 </span><span class="lnt">32 </span><span class="lnt">33 </span><span class="lnt">34 </span><span class="lnt">35 </span><span class="lnt">36 </span><span class="lnt">37 </span><span class="lnt">38 </span><span class="lnt">39 </span><span class="lnt">40 </span><span class="lnt">41 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-typescript" data-lang="typescript"><span class="line"><span class="cl"><span class="c1">// src/actions/upload-file.action.ts </span></span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="kd">function</span> <span class="nx">getUserUploadR2Key</span><span class="p">({</span> </span></span><span class="line"><span class="cl"> <span class="nx">userId</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">fileId</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">filename</span><span class="p">,</span> </span></span><span class="line"><span class="cl"><span class="p">}</span><span class="o">:</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="nx">userId</span>: <span class="kt">string</span><span class="p">;</span> </span></span><span class="line"><span class="cl"> <span class="nx">fileId</span>: <span class="kt">string</span><span class="p">;</span> </span></span><span class="line"><span class="cl"> <span class="nx">filename</span>: <span class="kt">string</span><span class="p">;</span> </span></span><span class="line"><span class="cl"><span class="p">})</span><span class="o">:</span> <span class="kt">string</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="sb">`users/</span><span class="si">${</span><span class="nx">userId</span><span class="si">}</span><span class="sb">/</span><span class="si">${</span><span class="nx">fileId</span><span class="si">}</span><span class="sb">-</span><span class="si">${</span><span class="nx">sanitizeFilename</span><span class="p">(</span><span class="nx">filename</span><span class="p">)</span><span class="si">}</span><span class="sb">`</span><span class="p">;</span> </span></span><span class="line"><span class="cl"><span class="p">}</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="kr">export</span> <span class="kr">const</span> <span class="nx">uploadFileAction</span> <span class="o">=</span> <span class="nx">actionClient</span> </span></span><span class="line"><span class="cl"> <span class="p">.</span><span class="nx">inputSchema</span><span class="p">(</span><span class="nx">uploadFileSchema</span><span class="p">)</span> </span></span><span class="line"><span class="cl"> <span class="p">.</span><span class="nx">action</span><span class="p">(</span><span class="kr">async</span> <span class="p">({</span> <span class="nx">parsedInput</span>: <span class="kt">input</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="nx">withRateLimit</span><span class="p">(</span><span class="kr">async</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="c1">// 需要已验证邮箱 </span></span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">session</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">requireVerifiedEmail</span><span class="p">();</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">session</span><span class="o">?</span><span class="p">.</span><span class="nx">user</span><span class="o">?</span><span class="p">.</span><span class="nx">id</span><span class="p">)</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">throw</span> <span class="k">new</span> <span class="nx">ActionError</span><span class="p">(</span><span class="s2">&#34;NOT_AUTHORIZED&#34;</span><span class="p">,</span> <span class="s2">&#34;Unauthorized&#34;</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> <span class="p">}</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="p">{</span> <span class="nx">file</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">input</span><span class="p">;</span> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">fileId</span> <span class="o">=</span> <span class="nx">createId</span><span class="p">();</span> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">r2Key</span> <span class="o">=</span> <span class="nx">getUserUploadR2Key</span><span class="p">({</span> </span></span><span class="line"><span class="cl"> <span class="nx">userId</span>: <span class="kt">session.user.id</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">fileId</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="nx">filename</span>: <span class="kt">file.name</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="p">});</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">arrayBuffer</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">file</span><span class="p">.</span><span class="nx">arrayBuffer</span><span class="p">();</span> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="p">{</span> <span class="nx">env</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">getCloudflareContext</span><span class="p">();</span> </span></span><span class="line"><span class="cl"> <span class="k">await</span> <span class="nx">env</span><span class="p">.</span><span class="nx">USER_UPLOADS_BUCKET</span><span class="p">.</span><span class="nx">put</span><span class="p">(</span><span class="nx">r2Key</span><span class="p">,</span> <span class="nx">arrayBuffer</span><span class="p">,</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="nx">httpMetadata</span><span class="o">:</span> <span class="p">{</span> <span class="nx">contentType</span>: <span class="kt">file.type</span> <span class="p">},</span> </span></span><span class="line"><span class="cl"> <span class="p">});</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="p">{</span> <span class="nx">r2Key</span><span class="p">,</span> <span class="nx">filename</span>: <span class="kt">file.name</span> <span class="p">};</span> </span></span><span class="line"><span class="cl"> <span class="p">},</span> <span class="nx">RATE_LIMITS</span><span class="p">.</span><span class="nx">SETTINGS</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> <span class="p">});</span> </span></span></code></pre></td></tr></table> </div> </div><p>路径格式：<code>users/{userId}/{fileId}-{filename}</code>，每个用户的文件在独立前缀下。</p> <h2 id="文件类型校验">文件类型校验 </h2><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-typescript" data-lang="typescript"><span class="line"><span class="cl"><span class="c1">// 允许的图片类型 </span></span></span><span class="line"><span class="cl"><span class="kr">const</span> <span class="nx">CMS_ALLOWED_IMAGE_TYPES</span> <span class="o">=</span> <span class="p">[</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;image/jpeg&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;image/png&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;image/gif&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;image/webp&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;image/svg+xml&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"><span class="p">]</span> <span class="kr">as</span> <span class="kr">const</span><span class="p">;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1">// 用 file-type 库检测 magic bytes </span></span></span><span class="line"><span class="cl"><span class="kr">const</span> <span class="nx">detectedType</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">fileTypeFromBuffer</span><span class="p">(</span><span class="nx">arrayBuffer</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">detectedType</span> <span class="o">||</span> <span class="o">!</span><span class="nx">CMS_ALLOWED_IMAGE_TYPES</span><span class="p">.</span><span class="nx">includes</span><span class="p">(</span><span class="nx">detectedType</span><span class="p">.</span><span class="nx">mime</span><span class="p">))</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">throw</span> <span class="k">new</span> <span class="nx">ActionError</span><span class="p">(</span><span class="s2">&#34;INPUT_PARSE_ERROR&#34;</span><span class="p">,</span> <span class="s2">&#34;Invalid file type&#34;</span><span class="p">);</span> </span></span><span class="line"><span class="cl"><span class="p">}</span> </span></span></code></pre></td></tr></table> </div> </div><p>不要信任 <code>file.type</code>（前端可以伪造），必须用服务端 magic bytes 检测。</p> <h2 id="通过-api-访问文件">通过 API 访问文件 </h2><p>R2 的文件不直接暴露 URL，而是通过 API 路由代理：</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-typescript" data-lang="typescript"><span class="line"><span class="cl"><span class="c1">// src/app/api/cms-images/[...path]/route.ts </span></span></span><span class="line"><span class="cl"><span class="kr">export</span> <span class="kr">async</span> <span class="kd">function</span> <span class="nx">GET</span><span class="p">(</span><span class="nx">request</span>: <span class="kt">Request</span><span class="p">)</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="p">{</span> <span class="nx">env</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">getCloudflareContext</span><span class="p">();</span> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="nx">path</span> <span class="o">=</span> <span class="cm">/* 从 URL 中提取 */</span><span class="p">;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="kr">const</span> <span class="kt">object</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">env</span><span class="p">.</span><span class="nx">IMAGES_R2</span><span class="p">.</span><span class="kr">get</span><span class="p">(</span><span class="nx">path</span><span class="p">);</span> </span></span><span class="line"><span class="cl"> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="kt">object</span><span class="p">)</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="k">new</span> <span class="nx">Response</span><span class="p">(</span><span class="s2">&#34;Not found&#34;</span><span class="p">,</span> <span class="p">{</span> <span class="nx">status</span>: <span class="kt">404</span> <span class="p">});</span> </span></span><span class="line"><span class="cl"> <span class="p">}</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"> <span class="k">return</span> <span class="k">new</span> <span class="nx">Response</span><span class="p">(</span><span class="kt">object</span><span class="p">.</span><span class="nx">body</span><span class="p">,</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="nx">headers</span><span class="o">:</span> <span class="p">{</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;Content-Type&#34;</span><span class="o">:</span> <span class="kt">object</span><span class="p">.</span><span class="nx">httpMetadata</span><span class="o">?</span><span class="p">.</span><span class="nx">contentType</span> <span class="o">||</span> <span class="s2">&#34;application/octet-stream&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="s2">&#34;Cache-Control&#34;</span><span class="o">:</span> <span class="s2">&#34;public, max-age=31536000, immutable&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="p">},</span> </span></span><span class="line"><span class="cl"> <span class="p">});</span> </span></span><span class="line"><span class="cl"><span class="p">}</span> </span></span></code></pre></td></tr></table> </div> </div><p>用户文件同理，但需要先验证 Session。</p> <h2 id="总结">总结 </h2><ul> <li>两个 Bucket 隔离 CMS 和用户文件</li> <li>用 <code>file-type</code> 做 magic bytes 校验，不信任前端 MIME type</li> <li>文件名用 <code>cuid2</code> 保证唯一性，<code>sanitizeFilename</code> 防止路径穿越</li> <li>文件通过 API 路由代理访问，可以做权限控制和缓存策略</li> </ul>