Hey everyone! I'm running into a bit of a dilemma with my NodeJS backend and a SvelteKit setup that's acting as a backend for the frontend (BFF). One key feature of my app is uploading large files, sometimes up to 2GB. I've worked hard to make this process efficient with streams, transformations, and file scanning but here's the catch: if I route the upload through the BFF, I risk running out of memory or having to duplicate logic. Ideally, I'd like to upload files directly to the API from the UI, but I'm concerned about exposing my API to the public. What are your thoughts on this? How would you tackle this situation?
4 Answers
If you're concerned about bypassing your BFF, it might still be okay for just this one endpoint. However, keep in mind that if you start bypassing it for multiple endpoints, you could end up with management headaches later. Just document the reason for your decision to keep things clear for future reference.
You might want to consider generating a signed URL from your backend to allow direct uploads from the frontend to a cloud storage service like Google Cloud Storage. That way, your app can handle large uploads without overwhelming the BFF, plus you can keep your backend flexible without committing to a specific storage solution right away.
I'm new to this whole BFF concept, but from what I've gathered, it’s meant to ease API complexity for different frontends. If you can find a way to handle uploads directly onto your backend while maintaining your SvelteKit structure, it could work! But I'd check how SvelteKit deals with file streams, so you can streamline everything without any hiccups.
It really depends on how you're processing the files. Typically, it's more efficient to upload files directly to an object storage like S3 using something like pre-signed URLs. Then you can handle any transformations after the upload. It might even simplify things for you.
I can see your point! But I'm a bit wary of picking a single storage service early on. I want the flexibility to switch things up to avoid vendor lock-in.