Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@hexonet/ispapi-apiconnector
Advanced tools
This module is a connector library for the insanely fast HEXONET Backend API. For further informations visit our homepage and do not hesitate to contact us.
We have also a demo app available showing how to integrate and use our SDK. See here.
Version | NodeJS |
---|---|
4.x and below | >= 4.x |
5.0.0 - 5.0.1 | >= 7.6.0 |
>= 5.0.2 | >= 8.3.0 |
npm i @hexonet/ispapi-apiconnector@latest --save
We provide only documentation and examples for the latest release.
If you got the API communication working, you will notice that we provide two response formats via this library. a) Plain Format b) Hash Format c) ListHash Format
The different response formats can be accessed through the Response object itself that is returned by login, logout and request method:
// console.log(r.getPlain())
// console.log(r.getHash())
// console.log(l.getListHash())
The plain format represents the API plain response. The hash format represents the API response parsed into a js object. The list format makes sense, if you're working with table libraries based on our list commands and need the hash format parsed into a list format.
The API response (a JSON object) provides always two keys: CODE and DESCRIPTION. CODE represents a return code which indicates the following cases: "200" -> The command has been processed successfully by the API "4xx" -> A temporary API error occured, retry later "5xx" -> An API error occured
In case of a (temporary) error the DESCRIPTION may provide more details on the reason.
The hash format provides a PROPERTY key that covers potential data. The list format provides a LIST key that covers potential data.
This example is thought for anyone who builds up his own frontend including user login and logout functionality. See how login and logout works and how the request method depends on the login mechanism! The logout can be done at any time separetely triggered. After logout no further requests reusing the by login returned socketcfg are possible. Note: you have to first finish your requests before doing logout. Running queued requests may fail after logout.
async function main () {
const apiconnector = require('@hexonet/ispapi-apiconnector')
const cl = new apiconnector.APIClient()
// Use OT&E system, omitting this points by default to the LIVE system
cl.useOTESystem()
// Set your user id, here: the OT&E demo user
.setCredentials('test.user', 'test.passw0rd')
// Set Remote IP Address (in case of IP Filter setting)
.setRemoteIPAddress('1.2.3.4:80')
// Set a subuser view
// cl.setSubuserView('hexotestman.com');
console.log('login ...')
let r = await cl.login()
// Provide an one time password (active 2FA)
// const r = await cl.login('12345678');
if (r.getCode() !== '200') { // login failed
console.log(`LOGIN FAILED -> ${r.getCode()} ${r.getDescription()}`)
return
}
console.log('LOGIN SUCCEEDED')
console.log('request further commands ...')
r = await cl.request({
COMMAND: 'StatusUser'
})
console.log(`RESPONSE -> ${r.getCode()} ${r.getDescription()}`)
console.log('logout ...')
r = await cl.logout()
if (r.getCode() !== '200') { // login failed
console.log(`LOGOUT FAILED -> ${r.getCode()} ${r.getDescription()}`)
return
}
console.log('LOGOUT SUCCEEDED')
}
main()
If you want to create your own frontend application based on our SDK, you will have to know how you can save APIClient's session configuration data to the nodejs session and how to rebuild a new APIClient instance out of it on next incoming request.
After successful login, use cl.saveSession(req.session)
to save APIClient's session into the nodejs one.
This snippet is an example for the expressjs framework where req
is the incoming ClientRequest and
req.session
the expressjs session instance.
In your generic route for making API calls use cl.reuseSession(req.session)
to rebuild APIClient's session
out of the previously saved data.
We cannot provide integration examples for part depends on your app itself and your own needs. Still feel free to contact us in case you're stuck.
In the below example no login / logout procedure is required. This is thought for cases where a user session is not of interest. But in that case you always have to provide user and password accordingly. If you want to build your frontend based on this library, we suggest to base it on the above example.
async function main () {
const apiconnector = require('@hexonet/ispapi-apiconnector')
const cl = new apiconnector.APIClient()
// Use OT&E system, omitting this points by default to the LIVE system
cl.useOTESystem()
// Set your user id, here: the OT&E demo user
.setCredentials('test.user', 'test.passw0rd')
// Set Remote IP Address (in case of IP Filter setting)
.setRemoteIPAddress('1.2.3.4:80')
// Set a subuser view
// .setSubuserView('hexotestman.com')
// Set a one time password (active 2FA)
// .setOTP('12345678')
const r = cl.request({
COMMAND: 'StatusUser'
})
console.log(r.getPlain())
}
main()
No need to play with async / await.
const apiconnector = require('@hexonet/ispapi-apiconnector')
const cl = new apiconnector.APIClient()
// Use OT&E system, omitting this points by default to the LIVE system
cl.useOTESystem()
// Set your user id, here: the OT&E demo user
cl.setCredentials('test.user', 'test.passw0rd')
// Set Remote IP Address (in case of IP Filter setting)
cl.setRemoteIPAddress('1.2.3.4:80')
// Set a subuser view
// cl.setSubuserView('hexotestman.com');
// Set a one time password (active 2FA)
// cl.setOTP('12345678');
cl.request({
COMMAND: 'StatusUser'
}).then((r) => {
console.log(r.getPlain())
})
Shorten your code by using method chaining
const apiconnector = require('@hexonet/ispapi-apiconnector')
const cl = new apiconnector.APIClient()
cl.useOTESystem()
.setCredentials('test.user', 'test.passw0rd')
.setRemoteIPAddress('1.2.3.4:80')
// .setSubuserView('hexotestman.com');
// .setOTP('12345678');
cl.request({
COMMAND: 'StatusUser'
}).then((r) => {
console.log(r.getPlain())
})
Please read our development guide for details on our code of conduct, and the process for submitting pull requests to us.
See also the list of contributors who participated in this project.
MIT
FAQs
Node.js SDK for the insanely fast HEXONET API
We found that @hexonet/ispapi-apiconnector demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.