cf-images - v1.0.1

cf-images

To install the package:

bun install cf-images

This project was created using bun init in bun v1.1.0. Bun is a fast all-in-one JavaScript runtime.

CFImages - Security Best Practices

This library is designed for server-side use only. Never use it in client-side code or expose your Cloudflare credentials in the browser: anything shipped in a browser bundle can be extracted by anyone who loads the page. Use an API token scoped to the minimum permissions the library needs rather than a global API key.

// ❌ NEVER DO THIS (client-side code)
const uploader = new CFImages({
token: "your-token", // NEVER expose tokens in client code
accountId: "your-id",
});

// ✅ DO THIS (server-side code)
const uploader = new CFImages({
token: process.env.CLOUDFLARE_TOKEN,
accountId: process.env.CLOUDFLARE_ACCOUNT_ID,
});

Always use environment variables or a secure secrets management system to handle credentials. Never commit a .env file to version control (add it to .gitignore):

# .env
CLOUDFLARE_TOKEN=your-token-here
CLOUDFLARE_ACCOUNT_ID=your-account-id-here

Here's a complete example of a secure implementation:

// config/cloudflare.ts
import { CFImages } from "cf-images";
import dotenv from "dotenv";

// Load .env once at module load. Bun reads .env automatically, so this call
// only matters when the code runs under Node.
dotenv.config();

export function createSecureUploader() {
  const token = process.env.CLOUDFLARE_TOKEN;
  const accountId = process.env.CLOUDFLARE_ACCOUNT_ID;

  // Fail fast at startup instead of making an unauthenticated API call later.
  if (!token || !accountId) {
    throw new Error("Missing required Cloudflare credentials");
  }

  return new CFImages({
    token,
    accountId,
    imageAccountHash: process.env.IMAGE_ACCOUNT_HASH,
  });
}

// api/upload.ts
import express from "express";
import { createSecureUploader } from "../config/cloudflare";
import { authMiddleware } from "../middleware/auth"; // your own authentication middleware (example path)

const router = express.Router();

// Create the client once at startup; credentials are read and checked here,
// not on every request.
const uploader = createSecureUploader();

router.post(
  "/upload",
  authMiddleware, // Implement your authentication
  async (req, res) => {
    // Handle upload with `uploader`...
  }
);

export default router;

Beyond credential handling, the upload route itself needs hardening:

  • Implement proper authentication and authorization on the upload endpoint
  • Use rate limiting to prevent abuse of your account
  • Validate file types and sizes before forwarding anything to Cloudflare
  • Implement proper error handling: log details server-side and return generic messages to clients
  • Use HTTPS for all API endpoints
  • Regularly rotate your Cloudflare tokens
  • Monitor API usage for suspicious activity

Security checklist:

  • [ ] Credentials stored in environment variables
  • [ ] Authentication implemented
  • [ ] Rate limiting in place
  • [ ] File validation implemented
  • [ ] Error handling configured
  • [ ] HTTPS enabled
  • [ ] Monitoring set up
  • [ ] Token rotation plan in place

Remember: Security is a shared responsibility. While this library implements security best practices, proper implementation in your application is crucial.