Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@eduzz/accounts-react-wrapper
Advanced tools
SDK para fazer integração de aplicações react com o accounts, sistema de autenticação único da Eduzz. Seu escopo é autenticação, e não autorização.
https://codesandbox.io/s/accounts-sdk-example-vh0g0?file=/src/index.tsx
<script
rel="preconnect"
src="https://cdn.eduzzcdn.com/accounts/accounts.js"
></script>
yarn add @eduzz/accounts-react-wrapper
yarn add lib1@^1.20.1 lib2@^0.23.0 lib3@^2.0.2
// Nome de arquivo sugerido: accounts.config.ts
// Exemplo:
import {
AuthProviderConfig,
authentication,
} from '@eduzz/accounts-react-wrapper';
const config: AuthProviderConfig = {
accounts: {
partnerId: 'itj90bnlrg0394fnvrg8903lsdgn',
env: 'homolog',
},
api: {
url: 'http://localhost:5000',
login: {
request: {
path: '/auth/login',
tokenKey: 'accountToken',
params: {
key: 'value',
},
},
response: {
tokenKey: 'bearerToken',
refreshTokenKey: 'refreshToken',
mapData: 'data',
},
},
refresh: {
request: {
path: '/auth/refreshtoken',
refreshTokenKey: 'refreshToken',
params: {
key: 'value',
},
},
response: {
tokenKey: 'bearerToken',
refreshTokenKey: 'refreshToken',
mapData: 'data',
},
},
},
backOffice: {
urlParam: 'accounts_login_token',
},
authentication,
};
/*
Configuração dos endpoints de login e refresh token.
1. Login
1.1 Request
- path: Path do endpoint de login;
- tokenKey: Nome da propriedade de token retornada pelo script accounts esperada pelo backend;
- params(opcional): Quaisquer outros parâmetros necessários.
1.2 Response
Definição do nome das propriedades de token e refresh token retornadas no endpoint de login.
- mapData(opcional): string do path que contém as respostas da api. ex: data.dados
2. Refresh
2.1 Request
- path: Path do endpoint de refresh token;
- refreshTokenKey: Nome da propriedade de refresh token esperada pelo o backend;
- params(opcional): Quaisquer outros parâmetros necessários.
2.2 Response
Definição do nome das propriedades de token e refresh token retornadas no endpoint de refresh token.
- mapData(opcional): string do path que contém as respostas da api. ex: data.dados
Configuração do Back Office
Configurar o query param de login via Back Office para que o SDK identifique o login como suporte, não faça o refresh do token e siga o fluxo de autenticação a partir de login no accounts.
A definição dessa parâmetro está no projeto backoffice.
No exemplo de configuração abaixo o SDK espera o parâmetro accounts_login_token na URL e identifica como login de suporte.
backOffice(opcional): {
urlParam: "accounts_login_token",
}
*/
export default config;
import { AuthProvider } from '@eduzz/accounts-react-wrapper';
import config from './accounts.config.ts';
ReactDOM.render(
<React.StrictMode>
<AuthProvider config={config}>
<App />
</AuthProvider>
</React.StrictMode>,
document.getElementById('root')
);
import { useAuth } from '@eduzz/accounts-react-wrapper';
type ExapledBearerTokenDecoded = {
name: string;
email: string;
}
function App() {
const { bearerTokenDecoded, loading, bearerToken, logout } = useAuth<ExapledBearerTokenDecoded>();
return (
<div className='App'>
<header className='App-header'>
<div className="App">
<p>user name: {bearerTokenDecoded?.name}</p>
<p>user email: {bearerTokenDecoded?.email}</p>
<p>bearerToken: {bearerToken}</p>
<p>loading: {loading}</p>
<button onClick={logout}>Logout</button>
</div>
</header>
</div>
)
}
FAQs
## [Sobre](#sobre)
The npm package @eduzz/accounts-react-wrapper receives a total of 7 weekly downloads. As such, @eduzz/accounts-react-wrapper popularity was classified as not popular.
We found that @eduzz/accounts-react-wrapper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.