refactor(users): improve cloudinary profile upload

Author: devxsameer

.vscode/settings.json

@@ -5,7 +5,8 @@
     "db",
     "validation",
     "comments",
-    "dashboard"
+    "dashboard",
+    "users"
   ],
   "cSpell.words": ["unliked"],
   "postman.settings.dotenv-detection-notification-visibility": false

src/modules/user/user.controller.ts

@@ -33,9 +33,9 @@ export async function adminUpdateUser(req: Request, res: Response) {
 }
 
 export async function updateAvatar(req: Request, res: Response) {
-  const { avatarUrl } = updateAvatarSchema.parse(req.body);
+  const { publicId } = updateAvatarSchema.parse(req.body);
 
-  const user = await UserService.updateAvatar(req.user!.id, avatarUrl);
+  const user = await UserService.updateAvatar(req.user!.id, publicId);
 
   return sendResponse(res, {
     message: "Profile picture updated",
@@ -44,11 +44,11 @@ export async function updateAvatar(req: Request, res: Response) {
 }
 
 export async function getAvatarUpload(req: Request, res: Response) {
-  const signatureData = UserService.getAvatarUploadSignature(req.user!.id);
+  const signature = UserService.getAvatarUploadSignature(req.user!.id);
 
   return sendResponse(res, {
     message: "Upload signature generated",
-    data: signatureData,
+    data: signature,
   });
 }
 

src/modules/user/user.schema.ts

@@ -19,7 +19,7 @@ export const adminListUsersQuerySchema = z.object({
 });
 
 export const updateAvatarSchema = z.object({
-  avatarUrl: z.url(),
+  publicId: z.string(),
 });
 
 export const userIdParamSchema = z.object({

src/modules/user/user.service.ts

@@ -4,7 +4,7 @@ import { ForbiddenError, NotFoundError } from "@/errors/http-errors.js";
 import { canUpdateUser } from "./user.policy.js";
 import { AuthUser } from "@/@types/auth.js";
 import { cloudinary } from "@/config/cloudinary.js";
-import crypto from "node:crypto";
+import { buildAvatarUrl } from "./user.utils.js";
 
 export async function updateMe(
   user: AuthUser,
@@ -32,32 +32,51 @@ export async function adminUpdateUser(
   return user;
 }
 
-export async function updateAvatar(userId: string, avatarUrl: string) {
+export async function updateAvatar(userId: string, publicId: string) {
+  const expectedPublicId = `blog/avatars/avatar_${userId}`;
+  if (publicId !== expectedPublicId) {
+    throw new ForbiddenError("Invalid avatar reference");
+  }
+
+  let resource;
+  try {
+    resource = await cloudinary.api.resource(publicId, {
+      resource_type: "image",
+    });
+  } catch {
+    throw new NotFoundError("Uploaded avatar not found");
+  }
+
+  const avatarUrl = buildAvatarUrl(resource, 256);
   const [user] = await UserRepo.updateUser(userId, { avatarUrl });
   return user;
 }
 
 export function getAvatarUploadSignature(userId: string) {
+  const { cloud_name, api_key, api_secret } = cloudinary.config();
+
   const timestamp = Math.floor(Date.now() / 1000);
+  const publicId = `avatar_${userId}`;
 
-  const publicId = `avatars/${userId}-${crypto.randomUUID()}`;
+  const paramsToSign = {
+    timestamp,
+    folder: "blog/avatars",
+    public_id: publicId,
+  };
 
   const signature = cloudinary.utils.api_sign_request(
-    {
-      timestamp,
-      public_id: publicId,
-      folder: "avatars",
-    },
-    cloudinary.config().api_secret!,
+    paramsToSign,
+    api_secret!,
   );
 
   return {
-    cloudName: cloudinary.config().cloud_name,
-    apiKey: cloudinary.config().api_key,
-    timestamp,
-    signature,
+    uploadUrl: `https://api.cloudinary.com/v1_1/${cloud_name}/image/upload`,
+    fields: {
+      api_key,
+      signature,
+      ...paramsToSign,
+    },
     publicId,
-    uploadPreset: undefined,
   };
 }
 

src/modules/user/user.utils.ts

@@ -0,0 +1,16 @@
+import { cloudinary } from "@/config/cloudinary.js";
+
+export function buildAvatarUrl(
+  resource: { public_id: string; version: string },
+  size = 256,
+) {
+  return cloudinary.url(resource.public_id, {
+    version: resource.version,
+    width: size,
+    height: size,
+    crop: "fill",
+    gravity: "face",
+    quality: "auto",
+    fetch_format: "auto",
+  });
+}