Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@storyblok/vue
Advanced tools
The Vue SDK you need to interact with Storyblok API and enable the Real-time Visual Editing Experience.
Note This plugin is for Vue 3. Check out the docs for Vue 2 version.
Check out the Live Demo on Stackblitz!
Important If you are first-time user of the Storyblok, read the Getting Started guide to get a project ready in less than 5 minutes.
Install @storyblok/vue
npm install @storyblok/vue
# yarn add @storyblok/vue
Warning This SDK uses the Fetch API under the hood. If your environment doesn't support it, you need to install a polyfill like isomorphic-fetch. More info on storyblok-js-client docs.
Register the plugin on your application (usually in main.js
), add the apiPlugin
and add the access token of your Storyblok space:
import { createApp } from "vue";
import { StoryblokVue, apiPlugin } from "@storyblok/vue";
import App from "./App.vue";
const app = createApp(App);
app.use(StoryblokVue, {
accessToken: "YOUR_ACCESS_TOKEN",
use: [apiPlugin],
});
That's it! All the features are enabled for you: the Api Client for interacting with Storyblok CDN API, and Storyblok Bridge for real-time visual editing experience.
Note You can enable/disable some of these features if you don't need them, so you save some KB. Please read the "Features and API" section.
Install the file from the CDN and access the methods via window.storyblokVue
:
<script src="https://unpkg.com/@storyblok/vue"></script>
@storyblok/vue
does three actions when you initialize it:
storyblokApi
object in your app, which is an instance of storyblok-js-clientv-editable
directive to link editable components to the Storyblok Visual EditorLoad globally the Vue components you want to link to Storyblok in your main.js file:
import Page from "./components/Page.vue";
import Teaser from "./components/Teaser.vue";
app.use(StoryblokVue, {
accessToken: "<your-token>",
use: [apiPlugin],
});
app.component("Page", Page);
app.component("Teaser", Teaser);
The simplest way is by using the useStoryblok
one-liner composable. Where you need to pass as first parameter the slug
, while the second and third parameters, apiOptions
and bridgeOptions
respectively, are optional:
Note The
resolveRelations
andresolveLinks
frombridgeOptions
can be excluded if you're already defining them asresolve_relations
andresolve_links
inapiOptions
, we will add them by default. But you will always be able to overwrite them.
<script setup>
import { useStoryblok } from "@storyblok/vue";
const { story, fetchState } = useStoryblok(
"path-to-story",
{ version: "draft", resolve_relations: "Article.author" }, // API Options
{ resolveRelations: ["Article.author"], resolveLinks: "url" } // Bridge Options
);
</script>
<template>
<StoryblokComponent v-if="story" :blok="story.content" />
</template>
Check the available apiOptions in our API docs and bridgeOptions passed to the Storyblok Bridge.
You can easily render rich text by using the renderRichText
function that comes with @storyblok/vue
and a Vue computed property:
<template>
<div v-html="articleContent"></div>
</template>
<script setup>
import { computed } from "vue";
import { renderRichText } from "@storyblok/vue";
const articleContent = computed(() => renderRichText(blok.articleContent));
</script>
You can set a custom Schema and component resolver globally at init time by using the richText
init option:
import { RichTextSchema, StoryblokVue } from "@storyblok/vue";
import cloneDeep from "clone-deep";
const mySchema = cloneDeep(RichTextSchema); // you can make a copy of the default RichTextSchema
// ... and edit the nodes and marks, or add your own.
// Check the base RichTextSchema source here https://github.com/storyblok/storyblok-js-client/blob/master/source/schema.js
app.use(StoryblokVue, {
accessToken: "YOUR_ACCESS_TOKEN",
use: [apiPlugin],
richText: {
schema: mySchema,
resolver: (component, blok) => {
switch (component) {
case "my-custom-component":
return `<div class="my-component-class">${blok.text}</div>`;
default:
return "Resolver not defined";
}
},
},
});
You can also set a custom Schema and component resolver only once by passing the options as the second parameter to renderRichText
function:
import { renderRichText } from "@storyblok/vue";
renderRichText(blok.richTextField, {
schema: mySchema,
resolver: (component, blok) => {
switch (component) {
case "my-custom-component":
return `<div class="my-component-class">${blok.text}</div>`;
break;
default:
return `Component ${component} not found`;
}
},
});
Inject storyblokApi
when using Composition API:
<template>
<div>
<p v-for="story in stories" :key="story.id">{{ story.name }}</p>
</div>
</template>
<script setup>
import { useStoryblokApi } from "@storyblok/vue";
const storyblokApi = useStoryblokApi();
const { data } = await storyblokApi.get(
"cdn/stories/home",
{ version: "draft", resolve_relations: "Article.author" } // API Options
);
</script>
Note You can skip using
apiPlugin
if you prefer your own method or function to fetch your data.
Use useStoryBridge
to get the new story every time is triggered a change
event from the Visual Editor. You need to pass the story id as first param, and a callback function as second param to update the new story:
<script setup>
import { onMounted } from "vue";
import { useStoryblokBridge, useStoryblokApi } from "@storyblok/vue";
const storyblokApi = useStoryblokApi();
const { data } = await storyblokApi.get(
"cdn/stories/home",
{ version: "draft", resolve_relations: "Article.author" } // API Options
);
const state = reactive({ story: data.story });
onMounted(() => {
useStoryblokBridge(state.story.id, story => (state.story = story));
});
</script>
You can pass Bridge options as a third parameter as well:
useStoryblokBridge(
state.story.id,
(story) => (state.story = story),
{
resolveRelations: ["Article.author"],
resolveLinks: "url",
} // Bridge Options
);
For every component you've defined in your Storyblok space, add the v-editable
directive with the blok content:
<template>
<div v-editable="blok"><!-- ... --></div>
</template>
Where blok
is the actual blok data coming from Storblok's Content Delivery API.
Check out the playground for a full example.
You can choose the features to use when you initialize the plugin. In that way, you can improve Web Performance by optimizing your page load and save some bytes.
This example of useStoryblok
:
<script setup>
import { useStoryblok } from "@storyblok/vue";
const story = await useStoryblok(
"blog",
{ version: "draft", resolve_relations: "Article.author" }, // API Options
{ resolveRelations: ["Article.author"], resolveLinks: "url" } // Bridge Options
);
</script>
Is equivalent to the following, using useStoryblokBridge
and useStoryblokApi
:
<script setup>
import { onMounted } from "vue";
import { useStoryblokBridge, useStoryblokApi } from "@storyblok/vue";
const storyblokApi = useStoryblokApi();
const { data } = await storyblokApi.get(
"cdn/stories/blog",
{ version: "draft", resolve_relations: "Article.author" }, // API Options
);
const state = reactive({ story: data.story });
onMounted(() => {
useStoryblokBridge(
state.story.id,
story => (state.story = story),
{ resolveRelations: ["Article.author"], resolveLinks: "url" } // Bridge Options
);
});
</script>
Check the available apiOptions (passed to storyblok-js-client
) and bridgeOptions (passed to the Storyblok Bridge).
You can use an apiOptions
object. This is passed down to the storyblok-js-client config object.
app.use(StoryblokVue, {
accessToken: "<your-token>",
apiOptions: {
// storyblok-js-client config object
cache: { type: "memory" },
},
use: [apiPlugin],
});
If you prefer to use your own fetch method, just remove the apiPlugin
and storyblok-js-client
won't be added to your application.
app.use(StoryblokVue);
Possible values:
eu
(default): For spaces created in the EUus
: For spaces created in the USap
: For spaces created in Australiaca
: For spaces created in Canadacn
: For spaces created in ChinaFull example for a space created in the US:
app.use(StoryblokVue, {
accessToken: "<your-token>",
use: [apiPlugin],
apiOptions: {
region: "us",
},
});
Important For spaces created in the United States or China, the
region
parameter must be specified.
You can conditionally load it by using the bridge
option. Very useful if you want to disable it in production:
app.use(StoryblokVue, {
bridge: process.env.NODE_ENV !== "production",
});
In case you need it, you have still access to the raw window.StoryblokBridge
:
const sbBridge = new window.StoryblokBridge(options);
sbBridge.on(["input", "published", "change"], (event) => {
// ...
});
By default, @storyblok/vue
show a console.error
if a component is not implemented. Setting enableFallbackComponent
to true
bypasses that behavior, rendering a fallback component in the frontend instead.
app.use(StoryblokVue, {
// ...
enableFallbackComponent: true,
});
You can also create and use a custom fallback component by setting customFallbackComponent: "MyCustomFallback"
.
import MyCustomFallback from "./components/MyCustomFallback.vue";
app.use(StoryblokVue, {
// ...
enableFallbackComponent: true,
customFallbackComponent: "MyCustomFallback",
});
app.component("MyCustomFallback", MyCustomFallback);
This plugin is for Vue 3. Thus, it supports the same browsers as Vue 3. In short: all modern browsers, dropping IE support.
Please see our contributing guidelines and our code of conduct. This project use semantic-release for generate new versions by using commit messages and we use the Angular Convention to naming the commits. Check this question about it in semantic-release FAQ.
FAQs
Storyblok directive for get editable elements.
The npm package @storyblok/vue receives a total of 13,346 weekly downloads. As such, @storyblok/vue popularity was classified as popular.
We found that @storyblok/vue demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.