npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@api-client/net-store

v0.10.0

Published

The API CLient's HTTP data store with interfaces for authorization and a persistence layers.

Downloads

119

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jarrodekjarrodek

Keywords

Readme

API Client's Net Store

This library is a self-contained backend store for API Client ecosystem applications. It is designed to:

  • work as a local service installed with API Client applications in a single-user environment
  • run in a local network allowing remote access to the application data (single-, and multi-user environment)
  • run in a container as a www service (see limitations below)

Initialization

import { DummyLogger } from '@api-client/core';
import { Server, StoreLevelUp, Clients } from '@api-client/net-store';

const wsClients = new Clients();
const logger = new DummyLogger();
const store = new StoreLevelUp(logger, wsClients, 'data/store-data');
const server = new Server(store, wsClients, { logger, ... });

await store.initialize();
await server.initialize();
await server.start();

WWW Service Limitations

When running the store as a service over internet it is your responsibility to secure the application to prevent external attacks. This library only provides configuration and API to start the www service and preconfigured default storage option (LevelDB). It is up to you and your organization to create your own storage option that works for you as well as creating protection on the gateway to prevent attacks like DDoS.

Single- and Multi-User environment

Without additional configuration the store runs in a single-user environment. There's no need to authenticate the user and access to the data is open through HTTP/socket connection. The primary use case is to install the store with API Client application alongside the application. This then acts as a local backend for the application. Replication, ACLs, and authentication is disabled in this mode.

Once the authentication configuration is provided the store turns into the multi-user mode. In this mode client has to initialize a session first, login, and obtain authentication token from the application backend. The client can only access data after presenting a valid access token issued by the backend. See the Server Client Communication section for more details.

In the multi-user environment clients (users) can:

  • setup multiple spaces per user and share with other users
  • create and share (via space sharing) HTTP projects
  • share HTTP history

Observing real-time changes

The server exposes the /events endpoint for web socket clients. After that the client sends a message with the information what resource the client want to observe. The resource corresponds to the path in the REST API.

{
  "kind": "Core#BackendCommand",
  "cmd": 0,
  "path": "/files"
}

Then to stop receiving events for the given path you simply unregister it:

{
  "kind": "Core#BackendCommand",
  "cmd": 1,
  "path": "/files"
}

Because the WebSocket does not allow to set headers when making a connection the client must authenticate by adding the token query parameter to the request URL. This token is read and processed by the authentication library.

ws://localhost:8080/v1/events?token=...

If the token is not set when making the connection on the websocket then the connection will be refused and closed.

REST API

See docs/api.md for API details.

Communication client <> store

See docs/communication.md for more details.

Client authentication

See docs/authentication.md for more details.

Http proxy

See docs/proxy.md for more details.

CLI

Use the api-store command to start the server

api-store mode "multi-user" \
  --port 8080 \
  --auth-type "oidc" \
  --oidc-issuer-uri "https://accounts.google.com/" \
  --oidc-client-id "..." \
  --oidc-client-secret "..." \
  --oidc-redirect-base "https://..." \
  --session-secret "..."

Contributions

We are excited to see your contributions, especially for authentication protocols and security of the application. Fork, change, test, and send us a PR. That's all we ask :)

TODO

  • [ ] Add an ability to store application data for synchronization.
  • [ ] Allow the client application to be a redirect URI target for OAuth configuration for a device flow