Use a worker to conditionally allow file upload request


#1

I would like to have a worker do the following:

Client wants to upload a file -> make a request lets say to “site.com/upload”. The request will include a token (POST).

Worker gets the request (with the file), then takes the token, and check with the server (lets say “site.com/tokenChecker?token=_____”) and get a result (0 or 1 or TRUE\FALSE)
if True, only then - pass on the request with the file to the origin server. else - Return an error and drop the request.

The need of this is to prevent an attacker from performing garbage uploads when not permitted, stealing bandwidth, etc.

Can this be done?


#3

I’m happy to give an answer! In general you can absolutely do what you’re asking.

You’ll either want to store your tokens (maybe in the Workers KV), or make your tokens something which only you could have cryptographically signed (using something like HMAC). Then you can check them exactly as you describe.