Uploading files to the server

November 8, 2021

So far, in this series, we’ve described two ways of storing files on a server. We’ve previously uploaded files to Amazon S3. While it is very scalable, we might not want to use cloud services such as AWS for various reasons. We’ve also learned how to store files straight in our PostgreSQL database. While it has some advantages, it might be perceived as less than ideal in terms of performance.

In this article, we look into using NestJS to store uploaded files on the server. Again, we persist some information into the database, but it is just the metadata this time.

Storing the files on the server#

Fortunately, NestJS makes it very easy to store the files on the server. We need to pass additional arguments to the FileInterceptor.

users.service.ts#

import { UsersService } from "./users.service"
import { Controller, Post, Req, UploadedFile, UseGuards, UseInterceptors } from "@nestjs/common"
import JwtAuthenticationGuard from "../authentication/jwt-authentication.guard"
import RequestWithUser from "../authentication/requestWithUser.interface"
import { Express } from "express"
import { FileInterceptor } from "@nestjs/platform-express"
import { diskStorage } from "multer"
@Controller("users")
export class UsersController {
  constructor(private readonly usersService: UsersService) {}
  @Post("avatar")
  @UseGuards(JwtAuthenticationGuard)
  @UseInterceptors(
    FileInterceptor("file", {
      storage: diskStorage({
        destination: "./uploadedFiles/avatars",
      }),
    }),
  )
  async addAvatar(@Req() request: RequestWithUser, @UploadedFile() file: Express.Multer.File) {
    return this.usersService.addAvatar(request.user.id, {
      path: file.path,
      filename: file.originalname,
      mimetype: file.mimetype,
    })
  }
}

When we do the above, NestJS stores uploaded files in the ./uploadedFiles/avatars directory.

There are a few issues with the above approach, though. First, we might need more than one endpoint to accept files. In such a case, we would need to repeat some parts of the configuration for each one of them. Also, we should put the ./uploadedFiles part of the destination in an environment variable to change it based on the environment the app runs in.

Extending the FileInterceptor#

A way to achieve the above is to extend the FileInterceptor. After looking under the hood of NestJS, we can see that it uses the mixin pattern. Because FileInterceptor is not a class, we can’t use the extend keyword.

We want to extend the FileInterceptor functionalities while:

having Dependency Injection to inject the ConfigService,
being able to pass additional properties from the controller.

To do that, we can create our mixin:

localFiles.interceptor.ts#

import { FileInterceptor } from "@nestjs/platform-express"
import { Injectable, mixin, NestInterceptor, Type } from "@nestjs/common"
import { ConfigService } from "@nestjs/config"
import { MulterOptions } from "@nestjs/platform-express/multer/interfaces/multer-options.interface"
import { diskStorage } from "multer"
interface LocalFilesInterceptorOptions {
  fieldName: string
  path?: string
}
function LocalFilesInterceptor(options: LocalFilesInterceptorOptions): Type<NestInterceptor> {
  @Injectable()
  class Interceptor implements NestInterceptor {
    fileInterceptor: NestInterceptor
    constructor(configService: ConfigService) {
      const filesDestination = configService.get("UPLOADED_FILES_DESTINATION")
      const destination = `${filesDestination}${options.path}`
      const multerOptions: MulterOptions = {
        storage: diskStorage({
          destination,
        }),
      }
      this.fileInterceptor = new (FileInterceptor(options.fieldName, multerOptions))()
    }
    intercept(...args: Parameters<NestInterceptor["intercept"]>) {
      return this.fileInterceptor.intercept(...args)
    }
  }
  return mixin(Interceptor)
}
export default LocalFilesInterceptor

Above, we use the UPLOADED_FILES_DESTINATION variable and concatenate it with the provided path. To do that, let’s define the necessary environment variable.

app.module.ts#

import { Module } from "@nestjs/common"
import { ConfigModule } from "@nestjs/config"
import * as Joi from "@hapi/joi"
@Module({
  imports: [
    ConfigModule.forRoot({
      validationSchema: Joi.object({
        UPLOADED_FILES_DESTINATION: Joi.string().required(), // ...
      }),
    }), // ...
  ], // ...
})
export class AppModule {
  // ...
}

.env#

UPLOADED_FILES_DESTINATION=./uploadedFiles
# ...

When all of the above is ready, we can use the LocalFilesInterceptor in our controller:

users.controller.ts#

import { UsersService } from "./users.service"
import { Controller, Post, Req, UploadedFile, UseGuards, UseInterceptors } from "@nestjs/common"
import JwtAuthenticationGuard from "../authentication/jwt-authentication.guard"
import RequestWithUser from "../authentication/requestWithUser.interface"
import { Express } from "express"
import LocalFilesInterceptor from "../localFiles/localFiles.interceptor"
@Controller("users")
export class UsersController {
  constructor(private readonly usersService: UsersService) {}
  @Post("avatar")
  @UseGuards(JwtAuthenticationGuard)
  @UseInterceptors(
    LocalFilesInterceptor({
      fieldName: "file",
      path: "/avatars",
    }),
  )
  async addAvatar(@Req() request: RequestWithUser, @UploadedFile() file: Express.Multer.File) {
    return this.usersService.addAvatar(request.user.id, {
      path: file.path,
      filename: file.originalname,
      mimetype: file.mimetype,
    })
  }
}

Saving the metadata in the database#

Besides storing the file on the server, we also need to save the file’s metadata in the database. Since NestJS generates a random filename for uploaded files, we also want to store the original filename. To do all of the above, we need to create an entity for the metadata.

localFile.entity.ts#

import { Column, Entity, PrimaryGeneratedColumn } from "typeorm"
@Entity()
class LocalFile {
  @PrimaryGeneratedColumn()
  public id: number
  @Column()
  filename: string
  @Column()
  path: string
  @Column()
  mimetype: string
}
export default LocalFile

localFile.dto.ts#

interface LocalFileDto {
  filename: string;
  path: string;
  mimetype: string;
}

We also need to create a relationship between users and files.

user.entity.ts#

import { Column, Entity, JoinColumn, OneToOne, PrimaryGeneratedColumn } from "typeorm"
import LocalFile from "../localFiles/localFile.entity"
@Entity()
class User {
  @PrimaryGeneratedColumn()
  public id: number
  @JoinColumn({ name: "avatarId" })
  @OneToOne(() => LocalFile, {
    nullable: true,
  })
  public avatar?: LocalFile
  @Column({ nullable: true })
  public avatarId?: number // ...
}
export default User

We add the avatarId column above so that the entity of the user can hold the id of the avatar without joining all of the data of the avatar.

While we’re at it, we also need to create the basics of the LocalFilesService:

localFiles.service.ts#

import { Injectable } from "@nestjs/common"
import { InjectRepository } from "@nestjs/typeorm"
import { Repository } from "typeorm"
import LocalFile from "./localFile.entity"
@Injectable()
class LocalFilesService {
  constructor(
    @InjectRepository(LocalFile)
    private localFilesRepository: Repository<LocalFile>,
  ) {}
  async saveLocalFileData(fileData: LocalFileDto) {
    const newFile = await this.localFilesRepository.create(fileData)
    await this.localFilesRepository.save(newFile)
    return newFile
  }
}
export default LocalFilesService

The last step is to use the saveLocalFileData method in the UsersService:

users.service.ts#

import { Injectable } from "@nestjs/common"
import { InjectRepository } from "@nestjs/typeorm"
import { Repository, Connection, In } from "typeorm"
import User from "./user.entity"
import LocalFilesService from "../localFiles/localFiles.service"
@Injectable()
export class UsersService {
  constructor(
    @InjectRepository(User)
    private usersRepository: Repository<User>,
    private localFilesService: LocalFilesService,
  ) {}
  async addAvatar(userId: number, fileData: LocalFileDto) {
    const avatar = await this.localFilesService.saveLocalFileData(fileData)
    await this.usersRepository.update(userId, {
      avatarId: avatar.id,
    })
  } // ...
}

Retrieving the files#

Now, the user can retrieve the id of their avatar.

To download the file with a given id, we can create a controller that streams the content.

The first step in achieving the above is extending the LocalFilesService:

import { Injectable, NotFoundException } from "@nestjs/common"
import { InjectRepository } from "@nestjs/typeorm"
import { Repository } from "typeorm"
import LocalFile from "./localFile.entity"
@Injectable()
class LocalFilesService {
  constructor(
    @InjectRepository(LocalFile)
    private localFilesRepository: Repository<LocalFile>,
  ) {}
  async getFileById(fileId: number) {
    const file = await this.localFilesRepository.findOne(fileId)
    if (!file) {
      throw new NotFoundException()
    }
    return file
  } // ...
}
export default LocalFilesService

We also need to create a controller that uses the above method:

localFiles.controller.ts#

import {
  Controller,
  Get,
  Param,
  UseInterceptors,
  ClassSerializerInterceptor,
  StreamableFile,
  Res,
  ParseIntPipe,
} from "@nestjs/common"
import LocalFilesService from "./localFiles.service"
import { Response } from "express"
import { createReadStream } from "fs"
import { join } from "path"
@Controller("local-files")
@UseInterceptors(ClassSerializerInterceptor)
export default class LocalFilesController {
  constructor(private readonly localFilesService: LocalFilesService) {}
  @Get(":id")
  async getDatabaseFileById(
    @Param("id", ParseIntPipe) id: number,
    @Res({ passthrough: true }) response: Response,
  ) {
    const file = await this.localFilesService.getFileById(id)
    const stream = createReadStream(join(process.cwd(), file.path))
    response.set({
      "Content-Disposition": `inline; filename="${file.filename}"`,
      "Content-Type": file.mimetype,
    })
    return new StreamableFile(stream)
  }
}

Doing the above allows the user to retrieve the file with a given id.

Filtering incoming files#

We shouldn’t always trust the files our users upload. Fortunately, we can easily filter them with the fileFilter and limits properties supported by multer.

localFiles.interceptor.ts#

import { FileInterceptor } from "@nestjs/platform-express"
import { Injectable, mixin, NestInterceptor, Type } from "@nestjs/common"
import { ConfigService } from "@nestjs/config"
import { MulterOptions } from "@nestjs/platform-express/multer/interfaces/multer-options.interface"
import { diskStorage } from "multer"
interface LocalFilesInterceptorOptions {
  fieldName: string
  path?: string
  fileFilter?: MulterOptions["fileFilter"]
  limits?: MulterOptions["limits"]
}
function LocalFilesInterceptor(options: LocalFilesInterceptorOptions): Type<NestInterceptor> {
  @Injectable()
  class Interceptor implements NestInterceptor {
    fileInterceptor: NestInterceptor
    constructor(configService: ConfigService) {
      const filesDestination = configService.get("UPLOADED_FILES_DESTINATION")
      const destination = `${filesDestination}${options.path}`
      const multerOptions: MulterOptions = {
        storage: diskStorage({
          destination,
        }),
        fileFilter: options.fileFilter,
        limits: options.limits,
      }
      this.fileInterceptor = new (FileInterceptor(options.fieldName, multerOptions))()
    }
    intercept(...args: Parameters<NestInterceptor["intercept"]>) {
      return this.fileInterceptor.intercept(...args)
    }
  }
  return mixin(Interceptor)
}
export default LocalFilesInterceptor

Let’s allow only files that include “image” in the mimetype and are smaller than 1MB.

import { UsersService } from "./users.service"
import {
  BadRequestException,
  Controller,
  Post,
  Req,
  UploadedFile,
  UseGuards,
  UseInterceptors,
} from "@nestjs/common"
import JwtAuthenticationGuard from "../authentication/jwt-authentication.guard"
import RequestWithUser from "../authentication/requestWithUser.interface"
import { Express } from "express"
import LocalFilesInterceptor from "../localFiles/localFiles.interceptor"
@Controller("users")
export class UsersController {
  constructor(private readonly usersService: UsersService) {}
  @Post("avatar")
  @UseGuards(JwtAuthenticationGuard)
  @UseInterceptors(
    LocalFilesInterceptor({
      fieldName: "file",
      path: "/avatars",
      fileFilter: (request, file, callback) => {
        if (!file.mimetype.includes("image")) {
          return callback(new BadRequestException("Provide a valid image"), false)
        }
        callback(null, true)
      },
      limits: {
        fileSize: Math.pow(1024, 2), // 1MB
      },
    }),
  )
  async addAvatar(@Req() request: RequestWithUser, @UploadedFile() file: Express.Multer.File) {
    return this.usersService.addAvatar(request.user.id, {
      path: file.path,
      filename: file.originalname,
      mimetype: file.mimetype,
    })
  }
}

If the file doesn’t meet the size requirements, NestJS throws 413 Payload Too Large. It could be a good idea to go beyond just checking the mimetype and using the file-type library.

Summary#

In this article, we’ve covered the basics of managing files on our server through NestJS. We’ve learned how to store them on the server and return them to the user. When doing that, we’ve extended the built-in FileInterceptor and implemented filtering. There are still ways to extend the code from this article. Feel free to implement file deleting and use transactions.

Thanks to learning about various ways of storing files, you are now free to compare the advantages and disadvantages and use an approach to suit your needs best.