npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

vercel-github-oauth-proxy

v1.2.6

Published

Protect a static website hosted on Vercel behind GitHub authentication.

Downloads

51

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

abraham-schillingabraham-schilling

Keywords

vercelgithuboauthproxystaticwebsitelambdafunctions

Readme

Setup

Step 1 — Add the library

yarn add vercel-github-oauth-proxy

Step 2 — Create an API endpoint at /api/index.ts

import { createLambdaProxyAuthHandler } from "vercel-github-oauth-proxy"

export default createLambdaProxyAuthHandler(config)

config.cryptoSecret

This is used to sign cookies.

config.staticDir

The output directory of the static website.

config.githubOrgName

The GitHub organization users need to be part of in order to be able to sign in.

You cannot use your personal GitHub account for this, you need an organization.

config.githubClientId config.githubClientSecret

The id/secret pair of your GitHub OAuth app.

Create a new OAuth app at https://github.com/organizations/{config.githubOrgName}/settings/applications/new

config.githubOrgAdminToken

Create a token with read:org permission at https://github.com/settings/tokens.

The reason you need a token is that private org memberships can only be determined by making an authenticated API request.

We could request read:org scope during the OAuth flow and then use each user's access token to determine org membership, but using this method means the user additionally needs to request org access during or after the login flow and requires an org admin to confirm. This makes this approach inconvenient for both the users and the admin.

Therefore we're using a separate org admin token to verify membership during login (org admins can see all users).

Step 3 — Create a vercel.json

{
  "version": 2,
  "routes": [{ "src": "/(.*)", "dest": "/api/index.ts" }],
  "functions": {
    "api/index.ts": {
      "includeFiles": "static/**"
    }
  }
}

This routes all traffic through the lambda endpoint.

Adapt includeFiles to your public output folder. Including these files is required because the static website needs to be deployed as part of the lambda function, not the default build. See also these docs:

Step 4 — Build

If you have an existing build script, rename it to vercel-build to build your website as part of the lambda build instead of the normal build.

Make sure to not keep the build script as it would result in duplicate work or may break deployment entirely. For more information see custom-build-step-for-node-js.

{
  "scripts": {
    "vercel-build": "your website build command"
  }
}

Local development

To develop locally, run

yarn vercel dev

When developing locally, you'll need to update your GitHub OAuth app's redirect URL to http://localhost:3000.