Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
axios-hooks
Advanced tools
The license of this software has changed to AWISC - Anti War ISC license
React hooks for axios, with built-in support for server side rendering.
npm install axios axios-hooks
axios
is a peer dependency and needs to be installed explicitly
axios-hooks@5.x
is compatible with axios@1.x
axios-hooks@4.x
and below are compatible with axios@0.x
import useAxios from 'axios-hooks'
function App() {
const [{ data, loading, error }, refetch] = useAxios(
'https://reqres.in/api/users?delay=1'
)
if (loading) return <p>Loading...</p>
if (error) return <p>Error!</p>
return (
<div>
<button onClick={refetch}>refetch</button>
<pre>{JSON.stringify(data, null, 2)}</pre>
</div>
)
}
The package exports one default export and named exports:
import useAxios, {
configure,
loadCache,
serializeCache,
makeUseAxios
} from 'axios-hooks'
The main React hook to execute HTTP requests.
url|config
- The request URL or config object, the same argument accepted by axios
.options
- An options object.
manual
( false
) - If true, the request is not executed immediately. Useful for non-GET requests that should not be executed when the component renders. Use the execute
function returned when invoking the hook to execute the request manually.useCache
( true
) - Allows caching to be enabled/disabled for the hook. It doesn't affect the execute
function returned by the hook.ssr
( true
) - Enables or disables SSR supportautoCancel
( true
) - Enables or disables automatic cancellation of pending requests whether it be
from the automatic hook request or from the manual
execute method[!IMPORTANT]
Default caching behavior can interfere with test isolation. Read the testing section for more information.
Returns
[{ data, loading, error, response }, execute, manualCancel]
data
- The success response data property (for convenient access).
loading
- True if the request is in progress, otherwise False.
error
- The error value
response
- The whole success response object.
execute([config[, options]])
- A function to execute the request manually, bypassing the cache by default.
config
- Same config
object as axios
, which is shallow-merged with the config object provided when invoking the hook. Useful to provide arguments to non-GET requests.options
- An options object.
useCache
( false
) - Allows caching to be enabled/disabled for this "execute" function.Returns
A promise containing the response. If the request is unsuccessful, the promise reects and the rejection must be handled manually.
manualCancel()
- A function to cancel outstanding requests manually.
Allows to provide custom instances of cache and axios and to override the default options.
cache
An instance of lru-cache, or false
to disable the cacheaxios
An instance of axiosdefaultOptions
An object overriding the default Hook options. It will be merged with the default options.Dumps the request-response cache, to use in server side rendering scenarios.
Returns
Promise<Array>
A serializable representation of the request-response cache ready to be used by loadCache
Populates the cache with serialized data generated by serializeCache
.
cache
The serializable representation of the request-response cache generated by serializeCache
Creates an instance of the useAxios
hook configured with the supplied cache, axios instance and default options.
cache
An instance of lru-cache, or false
to disable the cacheaxios
An instance of axiosdefaultOptions
An object overriding the default Hook options. It will be merged with the default options.Returns
An instance of useAxios
React Hook which will always use the provided cache and axios instance.
The returned value, besides being a function that can be used as a React Hook, also contains the properties:
resetConfigure
configure
loadCache
serializeCache
which are the same as the package's named exports but limited to the useAxios
instance returned by makeUseAxios
.
The arguments provided to useAxios(config[,options])
are watched for changes and compared using deep object comparison.
When they change, if the configuration allows a request to be fired (e.g. manual:false
), any pending request is canceled and a new request is triggered, to avoid automatic cancellation you should use autoCancel:false
option
Because of this, it's important to make sure that the arguments to useAxios
preserve deep equality across component renders. This is often the case unless functions (e.g. axios transformers) are provided to a configuration object. In that case, those functions need to be memoized or they will trigger a request execution at each render, leading to an infinite loop.
Unless provided via the configure
function, axios-hooks
uses as defaults:
axios
- the default axios
package exportcache
- a new instance of the default lru-cache
package export, with no argumentsdefaultOptions
- { manual: false, useCache: true, ssr: true, autoCancel: true }
These defaults may not suit your needs, for example:
In such cases you can use the configure
function to provide your custom implementation of both.
When
configure
is used, it should be invoked once before any usages of theuseAxios
hook
import { configure } from 'axios-hooks'
import LRU from 'lru-cache'
import Axios from 'axios'
const axios = Axios.create({
baseURL: 'https://reqres.in/api'
})
const cache = new LRU({ max: 10 })
configure({ axios, cache })
On the client, requests are executed when the component renders using a React useEffect
hook.
This may be undesirable, as in the case of non-GET requests. By using the manual
option you can skip the automatic execution of requests and use the return value of the hook to execute them manually, optionally providing configuration overrides to axios
.
In the example below we use the useAxios
hook twice. Once to load the data when the component renders, and once to submit data updates via a PUT
request configured via the manual
option.
import useAxios from 'axios-hooks'
function App() {
const [{ data: getData, loading: getLoading, error: getError }] = useAxios(
'https://reqres.in/api/users/1'
)
const [{ data: putData, loading: putLoading, error: putError }, executePut] =
useAxios(
{
url: 'https://reqres.in/api/users/1',
method: 'PUT'
},
{ manual: true }
)
function updateData() {
executePut({
data: {
...getData,
updatedAt: new Date().toISOString()
}
})
}
if (getLoading || putLoading) return <p>Loading...</p>
if (getError || putError) return <p>Error!</p>
return (
<div>
<button onClick={updateData}>update data</button>
<pre>{JSON.stringify(putData || getData, null, 2)}</pre>
</div>
)
}
The cancellation method can be used to cancel an outstanding request whether it be
from the automatic hook request or from the manual
execute method.
In the example below we use the useAxios
hook with its automatic and manual requests.
We can call the cancellation programmatically or via controls.
function App() {
const [pagination, setPagination] = useState({})
const [{ data, loading }, refetch, cancelRequest] = useAxios({
url: '/users?delay=5',
params: { ...pagination }
})
const handleFetch = () => {
setPagination({ per_page: 2, page: 2 })
}
const externalRefetch = async () => {
try {
await refetch()
} catch (e) {
// Handle cancellation
}
}
return (
<div>
<button onClick={handleFetch}>refetch</button>
<button onClick={externalRefetch}>External Refetch</button>
<button disabled={!loading} onClick={cancelRequest}>
Cancel Request
</button>
{loading && <p>...loading</p>}
<pre>{JSON.stringify(data, null, 2)}</pre>
</div>
)
}
axios-hooks
seamlessly supports server side rendering scenarios, by preloading data on the server and providing the data to the client, so that the client doesn't need to reload it.
useAxios
HTTP requests are executed on the serverserializeCache()
in order to obtain a serializable representation of the request-response cachewindow
global variableloadCache
<!-- fragment of the HTML template defining the window global variable -->
<script>
window.__AXIOS_HOOKS_CACHE__ = {{{cache}}}
</script>
// server code for the server side rendering handler
import { serializeCache } from 'axios-hooks'
router.use(async (req, res) => {
const index = fs.readFileSync(`${publicFolder}/index.html`, 'utf8')
const html = ReactDOM.renderToString(<App />)
// wait for axios-hooks HTTP requests to complete
const cache = await serializeCache()
res.send(
index
.replace('{{{html}}}', html)
.replace('{{{cache}}}', JSON.stringify(cache).replace(/</g, '\\u003c'))
)
})
// client side code for the application entry-point
import { loadCache } from 'axios-hooks'
loadCache(window.__AXIOS_HOOKS_CACHE__)
delete window.__AXIOS_HOOKS_CACHE__
ReactDOM.hydrate(<App />, document.getElementById('root'))
Sometimes it is necessary to communicate with different APIs or use different caching strategies for different HTTP interactions.
makeUseAxios
allows to create multiple instances of the useAxios
React Hook which can be configured and managed independently.
In other words, makeUseAxios
is a factory of useAxios
, which returns a React Hook configured against the provided axios
or cache
instances.
This feature can also be used to create a single pre configured React Hook instance as an alternative to the global
configure
feature
import axios from 'axios'
import { makeUseAxios } from 'axios-hooks'
const useAxios = makeUseAxios({
axios: axios.create({ baseURL: 'https://reqres.in/api' })
})
function App() {
const [{ data, loading, error }, refetch] = useAxios('/users?delay=1')
if (loading) return <p>Loading...</p>
if (error) return <p>Error!</p>
return (
<div>
<button onClick={refetch}>refetch</button>
<pre>{JSON.stringify(data, null, 2)}</pre>
</div>
)
}
Testing components that make use of the useAxios
hook are susceptible to test isolation leakage because of default caching behavior. The following snippets can be used to disable caching while testing:
beforeAll(() => {
useAxios.configure({ cache: false })
})
axios-hooks depends on a native ES6 Promise implementation to be supported. If your environment doesn't support ES6 Promises, you can polyfill.
axios-hooks
is heavily inspired by graphql-hooks,
developed by the awesome people at NearForm.
MIT
FAQs
axios-hooks
We found that axios-hooks demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.