验证大文件上传
我正在实现一个必须接受相当大的文件上传的 API。该请求将包含用于身份验证的电子邮件和密码参数。强制开发人员将电子邮件和密码参数放在文件数据之前是否合理?
我正在使用 Formidable(一个 Node 模块)来解析正文,我想如果我可以在接受整个文件之前找出电子邮件和密码(并尝试进行身份验证),我可以通过关闭连接来节省内存和处理器周期在所有数据流入之前。我应该担心这个吗?
我当然可以将数据写入临时目录,并根据身份验证尝试删除或移动它,但我想找到一种更好的方法(如果存在)。
谢谢。
I'm implementing an API that must accept fairly large file uploads. The request will contain email and password parameters for authentication. Is it reasonable to force developers to place the email and password parameters /before/ the file data?
I'm using Formidable (a Node module) to parse the body and I figured that if I could pick out the email and password (and attempt to authenticate) before accepting the entire file, I could save memory and processor cycles by closing the connection before all the data streams in. Should I even worry about this?
I can certainly write the data to a temporary directory and either delete or move it based on the authentication attempt, but I'd like to find a better way, if one exists.
Thank you.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我想说的是,在接受某人的大量数据之前,坚持要求某人证明他/她是谁(等等)是可以的。
I'd say yes, it's OK to insist that someone proves who he/she is (and so forth) before accepting a large amount of data from him/her.