Stencil Documentation
  • General
  • API
    • Authentication
      • Account
    • Pagination
    • Status Code and Throttling
    • Endpoints
      • Projects
      • Templates
      • Images
      • Collections
      • PDFs
      • Airtable
    • Charts
  • Using Stencil
    • Template Editor (New)
    • Template Editor (Legacy)
      • Limited Markdown Supports
      • Anchoring Element
      • Using Custom Font
      • Circular Text Positioning
    • White Label for Business
      • Setting Up Your First Client
      • DNS Setup with Cloudflare
  • Guides
    • Airtable Integration
      • Basic
    • Integromat Integration
      • Connection
      • Instant Trigger
    • Zapier Integration
      • Authentication
      • Trigger - New Image
      • Action - Create Image
    • Secure Signed Image
      • Basic
    • Query String Integration
      • Basic
      • Cache
    • Forms Integration
    • Case Studies
      • Generate Instagram Post from WooCommerce
      • Generate Open Graph Image for WordPress
      • Generate Personalized SendGrid Email Campaigns
      • Sending Charts to Twitter
      • Generate Instagram Post from Shopify
      • Automating Webflow Open Graph Image
      • Generate certificate of accomplishment
      • Automate Candidate's Certificate Generation
  • LINKS
    • Back to Stencil
    • Got bug?
    • Need feature?
    • Blog
Powered by GitBook
On this page
  • Changing image format on the fly
  • Cache

Was this helpful?

  1. Guides
  2. Secure Signed Image

Basic

On-demand image creation by secure URL parameters

Your image modifications are signed with your project's API token, thus your image can only be modified by you.

def create_signed_image do
  user_id = ""
  secret_key = ""
  base_id = ""
  
  modifications = 
    Jason.encode!([
      %{"name" => "text_1", "text" => "secure image"},
      %{"name" => "rating_2", "rating" => 5}
    ])
    |> Base.url_encoded64(padding: false)
    
  parameters = "#{user_id}+#{base_id}+#{modifications}"
  
  signature =
    :crypto.hmac(:sha256, secret_key, parameters)
    |> Base.encode16()
    |> String.downcase()
    
  "https://images.usestencil.com/signed-images/#{user_id}/#{base_id}.png?modifications=#{modifications}&s=#{signature}"
end
import json
import hmac
import hashlib
import base64

def base64_encode(string):
    """
    Removes any `=` used as padding from the encoded string.
    """
    encoded = base64.b64encode(string.encode())
    encoded = encoded.rstrip(b'=')
    return encoded

def generate_url():
  user_id = ""
  secret_key = ""
  base_id = ""

  modifications = [
    { "name": "text_1", "text": "secure image" },
    { "name": "rating_2", "rating": 5 },
  ]

  # ensure no spaces in json output
  encoded = json.dumps(modifications, separators=(',', ':'))
  encoded = base64_encode(encoded).decode()

  parameters = "{user_id}+{base_id}+{modifications}".format(user_id=user_id, base_id=base_id, modifications=encoded)

  signature = hmac.new(secret_key.encode(), parameters.encode(), hashlib.sha256).hexdigest()

  url = "https://images.usestencil.com/signed-images/{user_id}/{base_id}.png?modifications={modifications}&s={signature}".format(
      base_id=base_id,
      user_id=user_id,
      modifications=encoded,
      signature=signature
  )
  print(url)

if __name__ == "__main__":
    generate_url()

Changing image format on the fly

We support both JPEG and PNG. To use PNG, change the image in the url to .png and to use JPEG, change the image in the url to .jpg

Cache

Image is only generated once (synchronously on the first request) and subsequent images are pulled from cache. Images pulled from cache do not count towards your quota.

Order matters.

In order for cache to work properly, please specify the signature parameter last in the query string i.e. modifications=<your-modifications>&s=<your-signature>.

Cache invalidation

Sometimes it is useful to invalidate cache, you can add ts=<random number> to invalidate the cache and a new image will be generated (this will count towards your quota).

PreviousSecure Signed ImageNextQuery String Integration

Last updated 3 years ago

Was this helpful?