@ministryofjustice/hmpps-connect-dps-components
v2.0.0-beta
Published
A package to allow the inclusion of connect dps micro frontend components within dps applications
Downloads
1,533
Maintainers
Keywords
Readme
hmpps-connect-dps-components
hmpps-connect-dps-components
is a Node.js client library to simplify the process of incorporating global components
within DPS applications.
Contents
Implementation
Prerequisites
The package assumes adherance to the standard hmpps-template-typescript project. It requires:
- a user object to be available on
res.locals
containing a token, displayName, and authSource. - nunjucks to be setup
- an environment variable to be set for the micro frontend components api called
COMPONENT_API_URL
- to be run after helmet middleware
Installation
To install the package, run the following command:
npm install @ministryofjustice/hmpps-connect-dps-components
Usage
Currently, the package provides the header and the footer component.
To incorporate use as middleware for appropriate routes within your Express application:
app.use(dpsComponents.getPageComponents({
dpsUrl: config.serviceUrls.digitalPrison,
logger,
})
)
However, please 🙏 consider carefully whether you need the components for EVERY request.
It may be sufficient for you app to only request components for GET requests for example, in which case
app.get('*', dpsComponents.getPageComponents({
dpsUrl: config.serviceUrls.digitalPrison,
logger,
})
)
may be more appropriate, especially if you use the PRG pattern to
handle form submission. This will help us to reduce the load on the micro frontend components API. You may wish to
go even further, for example avoiding GET /api...
routes that don't need components - the Prisoner Profile does
something like this:
app.get(
/^(?!\/api|^\/$).*/,
dpsComponents.getPageComponents({
dpsUrl: config.serviceUrls.digitalPrison,
logger,
}),
(req, res) => {
res.render('prisonerProfile')
},
)
require the components, in which case you should be more specific about which to apply the middleware to.
There are a number of options available depending on your requirements.
Add the hmpps-connect-dps-components
path to the nunjucksSetup.ts file to enable css to be loaded:
const njkEnv = nunjucks.configure(
[
path.join(__dirname, '../../server/views'),
'node_modules/govuk-frontend/dist/',
'node_modules/govuk-frontend/dist/components/',
'node_modules/@ministryofjustice/frontend/',
'node_modules/@ministryofjustice/frontend/moj/components/',
'node_modules/@ministryofjustice/hmpps-connect-dps-components/dist/assets/',
],
{
autoescape: true,
express: app,
},
)
Include the package scss within the all.scss file
@import 'node_modules/@ministryofjustice/hmpps-connect-dps-components/dist/assets/footer';
@import 'node_modules/@ministryofjustice/hmpps-connect-dps-components/dist/assets/header-bar';
Include reference to the components in your layout.njk file:
{% for js in feComponents.jsIncludes %}
<script src="{{ js }}" nonce="{{ cspNonce }}"></script>
{% endfor %}
{% for css in feComponents.cssIncludes %}
<link href="{{ css }}" nonce="{{ cspNonce }}" rel="stylesheet" />
{% endfor %}
{% block header %}
{{ feComponents.header | safe }}
{% endblock %}
{% block footer %}
{{ feComponents.footer | safe }}
{% endblock %}
Extra calls
It may be that you need to add some extra requests for the page components for pages that do not fit the normal flow
of routes. e.g. in setUpAuthentication.ts
on the /autherror
path:
router.get(
'/autherror',
dpsComponents.getPageComponents({ dpsUrl: config.serviceUrls.digitalPrison }),
(req, res) => {
res.status(401)
return res.render('autherror')
},
)
This will provide a stripped down header for if there is no user object on res.locals
.
CSP
The package updates the content-security-middleware to include references to the fe-components API. This package should be run after Helmet to prevent this being overwritten.
Shared Data
An optional parameter includeSharedData: true
can be passed into the get
method. Setting this will result in a
sharedData
object being added to res.locals.feComponents
containing data the components have collected to render.
This includes:
- activeCaseLoad (the active caseload of the user)
- caseLoads (all caseloads the user has access to)
- services (information on services the user has access to used for global navigation)
This can be useful e.g. for when your service needs access to activeCaseLoad information to prevent extra calls to the api and takes advantage of the caching that the micro frontend api does.
Populating res.locals.user with the shared case load data
Many services typically add case load information to the user object on res.locals
. This library provides some
optional middleware which populates:
res.locals.user.caseLoads
with all case loads the user has access tores.locals.user.activeCaseLoad
with the active case load of the userres.locals.user.activeCaseLoadId
with the id of the active case load
It uses the sharedData
object if it is present and caches in req.session
so that any subsequent routes that do not
use the component middleware can still use the data. If there is no data in the cache, it will fall back to making a
call to Prison API to retrieve the data using the user token.
To enable this, add the middleware after the component middleware as follows:
app.use(dpsComponents.retrieveCaseLoadData({ logger }))
Again there are a number of options available depending on your requirements.
Note
In the event of a failure to retrieve the components, the package will populate the html fields with fallback components.
The feComponents.sharedData
will not be populated, but if you use the retrieveCaseLoadData middleware (see above) it
will either take case load data from the cache or make a call to the Prison API to retrieve it.