Create a Robust File Upload Handler with Validation and Cloud Storage Integration
Build a production-ready file upload handler with validation, image processing, and cloud storage for your web app.
The Prompt
Build a complete file upload handler for a [FRAMEWORK] application in [PROGRAMMING_LANGUAGE] that supports single and multiple file uploads with comprehensive validation and cloud storage integration. The handler should meet these requirements:
1. **Upload Endpoint(s)**:
- Create a [HTTP_METHOD] endpoint at `/api/[RESOURCE]/upload` that accepts multipart/form-data.
- Support both single file uploads and batch uploads of up to [MAX_FILES] files per request.
- Accept an optional [METADATA_FIELDS] (e.g., description, category, tags) alongside the file(s).
2. **File Validation**:
- Restrict allowed MIME types to [ALLOWED_TYPES] (e.g., image/jpeg, image/png, application/pdf).
- Enforce a maximum file size of [MAX_FILE_SIZE] per file.
- Validate the file's magic bytes (not just the extension) to prevent disguised malicious files.
- Sanitize file names to remove special characters, path traversals, and Unicode tricks.
- Scan for or flag potential security risks (e.g., executable content in images, embedded scripts in PDFs).
3. **Processing Pipeline**:
- For image uploads: generate a thumbnail ([THUMBNAIL_SIZE] pixels) and optimize/compress the original.
- Generate a unique file name using UUID or content hash to prevent collisions.
- Extract and store file metadata (size, dimensions for images, MIME type, upload timestamp).
4. **Storage Integration**:
- Upload processed files to [STORAGE_PROVIDER] (e.g., AWS S3, Google Cloud Storage, Azure Blob, local disk).
- Organize files into structured paths: `[BUCKET_NAME]/[RESOURCE]/{year}/{month}/{uuid}.{ext}`.
- Generate and return a signed URL (with [URL_EXPIRY] expiration) or public URL based on a visibility parameter.
5. **Database Record**: Save a file record to the database with fields: id, original_name, stored_path, mime_type, size_bytes, uploaded_by, thumbnail_path, created_at. Provide the schema/model definition.
6. **Error Handling & Progress**: Return clear validation error messages for rejected files. Include guidance on how to implement upload progress tracking on the client side.
Provide complete working code including the route, controller/handler, validation logic, storage utility, and database model. List all required dependencies and environment variables.
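The file-validation requirements in item 2 (size limit, magic bytes, file-name sanitization), sketched in Python as an added example that is not part of the original prompt. The allowlist, the `MAX_FILE_SIZE` value, and all function and class names are assumptions chosen for illustration.

```python
import re
import unicodedata
import uuid

# Assumed allowlist: MIME type -> (magic-byte prefix, extension to store under)
SIGNATURES = {
    "image/jpeg": (b"\xff\xd8\xff", "jpg"),
    "image/png": (b"\x89PNG\r\n\x1a\n", "png"),
    "application/pdf": (b"%PDF-", "pdf"),
}
MAX_FILE_SIZE = 5 * 1024 * 1024  # assumed limit, in bytes


class UploadRejected(ValueError):
    """Raised with a message that is safe to return to the client."""


def sniff_mime(data: bytes):
    """Return the allowed MIME type whose signature starts the content, or None."""
    for mime, (magic, _ext) in SIGNATURES.items():
        if data.startswith(magic):
            return mime
    return None


def sanitize_filename(name: str) -> str:
    """Reduce a client-supplied name to a display-safe ASCII base name."""
    name = unicodedata.normalize("NFKC", name)  # fold look-alike forms first
    # Drop control/format characters (NUL, right-to-left override U+202E, ...)
    name = "".join(c for c in name if unicodedata.category(c) not in ("Cc", "Cf"))
    name = name.replace("\\", "/").rsplit("/", 1)[-1]  # strip any directory part
    name = re.sub(r"[^A-Za-z0-9._-]", "_", name).lstrip(".")
    return name[:100] or "file"


def validate_upload(original_name: str, declared_mime: str, data: bytes) -> dict:
    """Validate one file; the stored name never derives from client input."""
    if len(data) > MAX_FILE_SIZE:
        raise UploadRejected("file exceeds the maximum size")
    detected = sniff_mime(data)
    if detected is None:
        raise UploadRejected("content does not match any allowed type")
    if detected != declared_mime:
        raise UploadRejected("declared type does not match file content")
    return {
        "original_name": sanitize_filename(original_name),
        "mime_type": detected,
        "size_bytes": len(data),
        "stored_name": f"{uuid.uuid4()}.{SIGNATURES[detected][1]}",
    }
```

A matching prefix only shows how the file starts, so polyglot files and scripts embedded in PDFs still need the separate scanning step listed in item 2.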
Tips for Better Results
Be specific about your storage provider and framework: the code for S3 vs GCS vs Azure differs significantly in SDK usage.
If you handle user-generated content, mention it so the AI includes extra security measures like antivirus scanning hooks.
Consider asking for a corresponding frontend component (drag-and-drop uploader with progress bar) as a follow-up prompt.
Use Cases
Backend developers building content management systems, social platforms, or any application where users upload files that need validation, processing, and secure cloud storage.