Filepicker默认允许pretty的很多大家将文件添加到您的S3存储谁是聪明地复制你的API密钥出来的客户端code，幸运的是还提供了即将到期的政策，一个安全的选择。

Filepicker by default allows pretty much everybody to add files to your S3 bucket who was clever enough to copy your API key out of the client code and luckily also offers a security option with expiring policies.

不过，我不知道如何在Meteor.js来实现这一点。试图来回，安装流星加密基本包，试图在服务器上生成的哈希值，试穿的 https://github.com/RGBboy/urlsafe-base64 。但我只是没有得到任何进一步。也许有人能帮助！谢谢你在前进。

But I have no idea how to implement this in Meteor.js. Tried back and forth, installing meteor-crypto-base package, trying to generate the hashes on the server, tried RGBboy's urlsafe-base64 algorithm on https://github.com/RGBboy/urlsafe-base64. But I just do not get any further. Maybe someone can help! Thank you in advance.

推荐答案

这是如何做到filepicker签署的网​​址在流星的基础上，文件的此处：

This is an example of how to do filepicker signed URLs in meteor, based on the documentation here:

var crypto = Npm.require('crypto');
var FILEPICKER_KEY = 'Z3IYZSH2UJA7VN3QYFVSVCF7PI';
var BASE_URL = 'https://www.filepicker.io/api/file';

Meteor.methods({
  signedUrl: function(handle) {
    var expiry = Math.floor(new Date().getTime() / 1000 + 60 * 60);

    var policy = new Buffer(JSON.stringify({
      handle: handle,
      expiry: expiry
    })).toString('base64');

    var signature = crypto
      .createHmac('sha256', FILEPICKER_KEY)
      .update(policy)
      .digest('hex');

    return BASE_URL + "/" + handle +
      "?signature=" + signature + "&policy=" + policy;
  }
});

请注意，这将需要的地方存在你的服务器目录里面，所以你不发货的关键客户。为了证明它的工作原理，在客户端可以调用它像这样：

Note this will need to exist somewhere inside of your server directory so you don't ship the key to the client. To demonstrate that it works, on the client side you can call it like so:

Meteor.call('signedUrl', 'KW9EJhYtS6y48Whm2S6D', function(err, url){console.log(url)});

如果一切正常，你应该看到的照片，当您访问返回的URL。

If everything worked, you should see a photo when you visit the returned URL.