6.0.1 • Published 11 months ago

@selfage/service_handler v6.0.1

Weekly downloads
-
License
GPL-3.0-or-later
Repository
github
Last release
11 months ago

@selfage/service_handler

Install

npm install @selfage/service_handler

Overview

Written in TypeScript and compiled to ES6 with inline source map & source. See @selfage/tsconfig for full compiler options. Provides a runtime lib to hook service handlers, generated by @selfage/generator_cli and implemented by you, onto Express.js.

Example usage

In this repo, test_data/get_comments.ts, test_data/get_history.ts, and test_data/upload_file.ts are code presumbaly generated by @selfage/generator_cli.

base_handler_test.ts contains all sample use cases on how to register handlers, and how to implement handlers, including handle authentication and streaming bytes.

CORS & preflight handler

Allowing CORS for all domains is an opinionated decision that restricting CORS doesn't help account/data security at all, but might annoy future development. We should guarantee security by other approaches.

Before making any cross-site request, browsers might send a preflight request to ask for valid domain/site. We provide a simple preflight handler to allow all sites.

import express = require('express');
import { HandlerRegister } from '@selfage/service_handler/register';

let app = express();
new HandlerRegister(app).registerCorsAllowedPreflightHandler();

Sign a session string

You have to configure your secret key for signing at the startup of your server, i.e., a secret key for sha256 algorithm. Please refer to other instructions on the best practice of generating a secret key and storing it.

import { SessionSigner } from '@selfage/service_handler/session_signer';

SessionSigner.SECRET_KEY = 'Configure a secrect key';
// Configure routing and start server.

Then you can build a signed session as below.

import { SessionBuilder } from '@selfage/service_handler/session_signer';

let signedSession = SessionBuilder.create().build(JSON.stringify({sessionId: '1234', userId: '5678'}));

Session expiration

Regardless of the data structure of your session, the signed session string always contains the timestamp when signing. By default, a session is expired 30 days after the signing timestamp. You have to re-sign a session the same way as a new session and return it to the client to refresh the timestamp.

You can configure the session longevity as the following, usually before starting your server.

import { SessionExtractor } from '@selfage/service_handler/session_signer';

SessionExtractor.SESSION_LONGEVITY = 30 * 24 * 60 * 60; // seconds
// Configure routing and start server.

Request body size

We choose 1MiB or 1024*1024 bytes as the limit of the request body size, making the same assumption as Google's Datastore which imposes the same size limit for an entity.

There is no built-in limit on streaming bytes data.

HttpHandlerTypeScript
@selfage/http_error@selfage/message@selfage/service_descriptorexpressget-streamprom-client
@infinitebrahmanuniverse/nolb-_sel@everything-registry/sub-chunk-818
5.5.0

11 months ago

5.4.0

11 months ago

5.3.0

11 months ago

5.2.0

11 months ago

5.1.0

12 months ago

5.0.1

12 months ago

5.0.0

12 months ago

6.0.1

11 months ago

4.5.0

12 months ago

4.4.0

1 year ago

4.3.1

1 year ago

4.3.0

1 year ago

4.2.0

2 years ago

4.1.0

3 years ago

4.0.0

3 years ago

3.1.3

3 years ago

3.1.2

3 years ago

3.1.4

3 years ago

3.1.1

3 years ago

3.1.0

3 years ago

3.0.0

3 years ago

2.0.1

4 years ago

2.0.0

4 years ago

1.0.5

4 years ago

1.0.4

4 years ago

1.0.2

4 years ago

1.0.3

4 years ago

1.0.1

4 years ago

1.0.0

4 years ago