Research
Security News
Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
@globalfishingwatch/api-client
Advanced tools
Simply pure js library to help on the GFW API with:
yarn
yarn add @globalfishingwatch/api-client
npm
npm i @globalfishingwatch/api-client --save
Just include the basic config in the .env
when no extra configuration is needed.
API_GATEWAY_URL | REACT_APP_API_GATEWAY_URL=https://gateway.api.dev.globalfishingwatch.org
import GFW_API from '@globalfishingwatch/api-client'
// use where needed
Some configuration is exposed to be changed at any moment:
GFW_API.setConfig( {
debug: boolean
baseUrl: string
})
The url to the SSO is exposed used the getLoginUrl
helper, which needs the following params:
import GFW_API from '@globalfishingwatch/api-client'
const url = GFW_API.getLoginUrl('your_callback_url_here', 'client_optional')
access-token
to generate the session token
and the refreshToken
but it won't be useful anymore.try {
const user = await GFWAPI.login({ accessToken: 'acces_token_here' })
console.log(user) // returns user data
} catch (e) {
console.warn('Something happened on the login', e)
}
refreshToken
:try {
const user = await GFWAPI.login({ refreshToken: 'refresh_token_here' })
console.log(user) // returns user data
} catch (e) {
console.warn('Something happened on the login', e)
}
try {
const user = await GFWAPI.login()
console.log(user) // returns user data
} catch (e) {
console.warn('Something happened on the login', e)
}
As most of the endpoints are below the dataset
prefix the client allows you to set the dataset version and be used in all request using:
GFWAPI.setConfig({ dataset })
try {
const data = await GFWAPI.fetch('your_relative_url_here')
console.log(data) // returns the desired data
} catch (e) {
console.warn('Something happened on the gfw api fetch', e)
}
try {
await GFWAPI.download('your_download_url_here', 'downloaded-file-name.csv')
} catch (e) {
console.warn('An error on the download happened', e)
}
token
and refreshToken
just use:try {
const logged = await GFWAPI.logout()
console.log(logged) // returns true when logout was good
} catch (e) {
console.warn('Something happened on the logout', e)
}
Send local:true
in the FetchOptions and ensure you have the following .env variables
REACT_APP_LOCAL_API_USER_ID=
REACT_APP_LOCAL_API_USER_TYPE=
REACT_APP_LOCAL_API_USER_EMAIL=
Just use:
GFWAPI.getToken()
// or
GFWAPI.getRefreshToken()
Use your own instance of the API client including this param:
const GFWAPI = new GFW_API({
....
debug: true
})
The library exposes a react hook to make the login as easy as possible:
import GFWAPI from '@globalfishingwatch/api-client'
import useGFWLogin from '@globalfishingwatch/api-client/dist/react-hook'
function App() {
const { loading, logged, user, error } = useGFWLogin(GFWAPI)
}
yarn install
yarn start
yarn test
yarn build
npx release major|minor|patch
npm publish
npm publishdoc
FAQs
Unknown package
The npm package @globalfishingwatch/api-client receives a total of 28 weekly downloads. As such, @globalfishingwatch/api-client popularity was classified as not popular.
We found that @globalfishingwatch/api-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.