Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
@authorizerdev/authorizer-react
Advanced tools
@authorizerdev/authorizer-react
Authorizer React SDK allows you to implement authentication in your [React](https://reactjs.org/) application quickly. It also allows you to access the user profile.
authorizer-react
Authorizer React SDK allows you to implement authentication in your React application quickly. It also allows you to access the user profile.
Here is a quick guide on getting started with @authorizerdev/authorizer-react package.
Code Sandbox Demo: https://codesandbox.io/s/authorizer-demo-qgjpw
Step 1 - Create Instance
Get Authorizer URL by instantiating Authorizer instance and configuring it with necessary environment variables.
Step 2 - Install package
Install @authorizerdev/authorizer-react library
npm i --save @authorizerdev/authorizer-react
OR
yarn add @authorizerdev/authorizer-react
Step 3 - Configure Provider and use Authorizer Components
Authorizer comes with react context which serves as Provider component for the application
import {
AuthorizerProvider,
Authorizer,
useAuthorizer,
} from '@authorizerdev/authorizer-react';
const App = () => {
return (
<AuthorizerProvider
config={{
authorizerURL: 'http://localhost:8080',
redirectURL: window.location.origin,
clientID: 'YOUR_CLIENT_ID',
}}
>
<LoginSignup />
<Profile />
</AuthorizerProvider>
);
};
const LoginSignup = () => {
return <Authorizer />;
};
const Profile = () => {
const { user } = useAuthorizer();
if (user) {
return <div>{user.email}</div>;
}
return null;
};
Commands
Local Development
The recommended workflow is to run authorizer in one terminal:
npm start # or yarn start
This builds to /dist and runs the project in watch mode so any edits you save inside src causes a rebuild to /dist.
Then run either Storybook or the example playground:
Example
Then run the example inside another:
cd example
npm i # or yarn to install dependencies
npm start # or yarn start
The default example imports and live reloads whatever is in /dist, so if you are seeing an out of date component, make sure TSDX is running in watch mode like we recommend above. No symlinking required, we use Parcel's aliasing.
To do a one-off build, use npm run build or yarn build.
To run tests, use npm test or yarn test.
Configuration
Code quality is set up for you with prettier, husky, and lint-staged. Adjust the respective fields in package.json accordingly.
Jest
Jest tests are set up to run with npm test or yarn test.
Bundle analysis
Calculates the real cost of your library using size-limit with npm run size and visulize it with npm run analyze.
FAQs
Package last updated on 02 Apr 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025