Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Centarius has same API as After.js.
If you have familiarize yourself with After, then you are not finding it difficult to migrate to Centarius.
Also : You can build it on your SSR boilerplate (either it webpack, parcel, etc).
Centarius is just another component wrapper to ease React SSR.
curl https://codeload.github.com/rayandrews/centarius/tar.gz/master | tar -xz --strip=2 centarius-master/examples/basic
cd basic
AfterJS is awesome library but it has some drawbacks that I found it difficult to modify it in my other projects such as :
Routes' config only one level depth, and
Not able to modify routes config as we wish, imagine you are building complex application's routes. Sometimes just map over through your routes' config and get initial props are not enough.
Some routes are using same logical needs. We need strategy for providing it.
We need to adopt and a little bit to modify React Router Config strategy in our apps, to make more complex and declarative application based on routes config
Not able to modify static method for get initial props (getInitialProps is good, but you should be able to modify the name based on your content)
Not able to handle loading or error state while transitioning and getting initial props for other route
Table of Contents
Centarius will read through your routes' config to find component that you've already specified.
In all components that you want to passed the initial data, you can add a static async getInitialProps
or another function's name that exactly does the same
.
This will be called on both initial server render and while transitioning between routes.
// Home.js
import React from 'react';
import { NavLink } from 'react-router-dom';
class Home extends React.Component {
static async getInitialProps({ req, res, match }) {
const stuff = await CallMyApi();
return { stuff }; // returned value from static method not passed on props by default
}
render() {
return (
<div>
<NavLink to="/about">About</NavLink>
<h1>Home</h1>
</div>
);
}
}
export default Home;
getInitialProps | { name } : (ctx) => object
Within getInitialProps
or another function name
, you will get access to all you need to fetch data on both
the client and the server (same like After)
req?: Request object
: (server-only) A Express.js request objectres?: Request object
: (server-only) An Express.js response objectmatch: object
: React Router 4's match
object.history: object
: React Router 4's history
object.location: object
: (client-only) React Router 4's location
object.isServer: boolean
: Check whether code is running on server or clientquery: object
: Parsed query string from urlparams: object
: Parsed param object from React RouterYou can also add another variable to be passed into static method like Redux Store, etc.
If you are using some server only modules inside
getInitialProps
oranoher function name
, make sure to import them properly. Otherwise, it'll slow down your app.
Taken from Next
getInitialProps
prefetch: (pathname: string) => void
- Imperatively prefetch and cache data for a path.// Home.js
import React from 'react';
import { NavLink } from 'react-router-dom';
import { CentariusConsumer } from 'centarius/core';
class Home extends React.Component {
static async getInitialProps({ req, res, match }) {
const stuff = await CallMyApi();
return { stuff };
}
render() {
return (
<div>
<NavLink to="/about">About</NavLink>
<h1>Home</h1>
<div>{this.props.stuff || ''}</div>
</div>
);
}
}
export default Home;
React Router 4 is used in all over Centarius API.
// ./src/routes.js
import Home from './Home';
import About from './About';
import Counter from './Counter';
// Internally these will become:
// <Route path={path} exact={exact} render={props => <component {...props} data={data} />} />
const routes = [
{
path: '/',
exact: true,
component: Home,
},
{
path: '/about',
component: About,
},
{
path: '/counter/:count',
component: Counter,
},
];
export default routes;
Sometimes you need to modify the route component for your needs such as Protected Route to handle your system's authentication. Centarius provides you with a simple solution for this by using attribute routerComponent in your routes config
// ./src/routes.js
import Home from './Home';
import User from './User';
import About from './About';
import Counter from './Counter';
import ProtectedRoute from './ProtectedRoute';
const routes = [
{
path: '/',
exact: true,
component: Home,
},
{
path: '/user/:username',
routeComponent: ProtectedRoute,
component: User,
...rest
// Internally these will become:
// <ProtectedRoute path={path} exact={exact} render={props => <component {...props} data={data} />} {...rest } />
},
{
path: '/about',
component: About,
},
{
path: '/counter/:count',
component: Counter,
},
];
export default routes;
Sometimes you need to nested your routes to handle so many things.
However, you need to make parent component render children component.
TL;DR : path will be concatted recursively from parent routes
{
path: '/user',
exact: true,
routeComponent: ProtectedRoute,
component: User,
routes: [
{
path: '/:username',
component: UserDetail,
exact: true,
routes: [
{
path: '/edit',
component: UserEdit,
}
]
},
],
...rest
}
That code will make /user/:username
render UserDetail
component and user/:username/edit
will render UserEdit
component.
// ./src/routes.js
import Home from './Home';
import User from './User';
import UserDetail from './UserDetail';
import About from './About';
import Counter from './Counter';
import ProtectedRoute from './ProtectedRoute';
const routes = [
{
path: '/',
exact: true,
component: Home,
},
{
path: '/user',
exact: true,
routeComponent: ProtectedRoute,
component: User,
routes: [
{
path: '/:username',
component: UserDetail,
},
],
...rest
// Internally these will become:
//
// <ProtectedRoute
// path="/user"
// exact
// render={props =>
// <User {...props} data={data}>
// <Route
// path="/user/:username"
// render={childrenProps =>
// <UserDetail {...props} data={data} />
// }
// />
// </User>
// }
// {...rest }
// />
},
{
path: '/about',
component: About,
},
{
path: '/counter/:count',
component: Counter,
},
];
export default routes;
Centarius has default options as follows
{
document: React.Component<any, any> = DefaultCentariusDocument,
staticMethod: string = 'getInitialProps',
rootId: string = 'root',
dataId: string = 'server-app-state',
isServer: boolean,
routes: Array<RouteObject> = [], // override this!
}
Example
Centarius : ({ routes, data, options, beforeNavigating, afterNavigating }) => React.Component<any, any>
routes: array[]
: Routes configdata: object
: Initial data for Centariusoptions: object
: Centarius custom optionsbeforeNavigating: () => void
: (client-only) Function that runs before navigating between routeafterNavigating: ()=> void
: (client-only) Function that runs after navigating between route// client.js
import React from 'react';
import { hydrate } from 'react-dom';
import { BrowserRouter } from 'react-router-dom';
import './client.css';
import { Centarius } from 'centarius/core';
import { getSsrData } from 'centarius/client';
import routes from './routes';
const data = getSsrData();
const options = {
staticMethod: 'fetchData', // * change the method to make client can preload data
// Anything else you add here will be made available
// within static method in client
// e.g a redux store, etc.
}
hydrate(
<BrowserRouter>
<Centarius routes={routes} data={data} options={options} />
</BrowserRouter>,
document.getElementById('root')
);
if (module.hot) {
module.hot.accept();
}
render : (options: object) => html : string
// server.js
import express from 'express';
import { render } from 'centarius/server';
import routes from './routes';
const assets = require(process.env.RAZZLE_ASSETS_MANIFEST);
const server = express();
server
.disable('x-powered-by')
.use(express.static(process.env.RAZZLE_PUBLIC_DIR))
.get('/*', async (req, res) => {
const routerContext = {};
if (req.url.match(/.map$/)) return;
try {
const html = await render({
req,
res,
routes,
assets,
staticMethod: 'fetchData',
customThing: 'thing',
// Anything else you add here will be made available
// within static method in server
// e.g a redux store, etc.
});
res.send(html);
} catch (error) {
res.json(error);
}
});
export default server;
Centarius does not defining any code splitting method like After, Next, or Rogue (with loadable-components) did.
But Centarius does enforce you to implement code splitting with other libraries
With the right custom routes config, you can implement it with another React code splitting library out there such as
Currently, Centarius only suppors code splitting library that has static method [load | preload] that return component and also hoisting static method such as getInitialProps after it has been loaded.
Centarius works like After and Next, you can override any html structure that suitable for your needs.
Why we need it?
Centarius does not support React Helmet by default, you must add it on your document and custom render.
It really helps if you want to add CSS or other component with side-effects (React Helmet, etc) that needs custom document structure.
Example with React Helmet and React Native Web
// document.js
import React, { Component } from 'react';
import { AppRegistry } from 'react-native';
import { renderToStaticMarkup } from 'react-dom/server';
import { CentariusRoot, CentariusData } from 'centarius/document';
/* eslint-disable */
export default class CustomDocument extends Component {
static async getInitialProps({ assets, data, renderPage }) {
const page = await renderPage();
return { assets, data, ...page };
}
render() {
const {
rootId,
dataId,
data,
// we passed it via custom renderer
assets,
helmet,
rnwCss,
} = this.props;
const htmlAttrs = helmet.htmlAttributes.toComponent();
const bodyAttrs = helmet.bodyAttributes.toComponent();
return (
<html lang="en" {...htmlAttrs}>
<head>
<meta httpEquiv="X-UA-Compatible" content="IE=edge" />
<meta charSet="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
{helmet.title.toComponent()}
{helmet.meta.toComponent()}
{helmet.link.toComponent()}
{assets.client.css && (
<link rel="stylesheet" href={assets.client.css} />
)}
<style
id="react-native-stylesheet"
dangerouslySetInnerHTML={{
__html: rnwCss
.replace(/<\/style>/g, '')
.replace(/<style id="react-native-stylesheet">/g, ''),
}}
/>
</head>
<body {...bodyAttrs}>
<CentariusRoot id={rootId} />
<CentariusData id={dataId} data={data} />
<script
type="text/javascript"
src={assets.client.js}
crossOrigin="anonymous"
/>
</body>
</html>
);
}
}
// server.js
import express from 'express';
import React, { Fragment } from 'react';
import { renderToString, renderToStaticMarkup } from 'react-dom/server';
import { AppRegistry } from 'react-native';
import Helmet from 'react-helmet';
import { render } from 'centarius/server';
import document from './document';
import routes from './routes';
const assets = require(process.env.RAZZLE_ASSETS_MANIFEST);
const server = express();
server
.disable('x-powered-by')
.use(express.static(process.env.RAZZLE_PUBLIC_DIR))
.get('/*', async (req, res) => {
if (req.url.match(/.map$/)) return;
try {
const customRenderer = async (node) => {
const helmet = Helmet.renderStatic();
const CustomApp = () => <Fragment>{node}</Fragment>;
AppRegistry.registerComponent('App', () => CustomApp);
const { element, getStyleElement } = AppRegistry.getApplication(
'App',
{}
);
return {
helmet,
rnwCss: renderToStaticMarkup(getStyleElement()),
html: renderToString(element),
};
};
const html = await render({
req,
res,
routes,
assets,
document,
customRenderer,
customThing: 'thing',
});
if (res.finished) return;
res.send(html);
} catch (error) {
res.status(500);
res.send(error.stack);
}
});
export default server;
If you were using something like styled-components
, and you need to wrap you entire app with some sort of additional provider or function, you can do this with renderPage()
.
Taken from After
// Document.js
import React, { Component } from 'react';
import { ServerStyleSheet } from 'styled-components'
import { renderToStaticMarkup } from 'react-dom/server';
import { CentariusRoot, CentariusData } from 'centarius/document';
export default class CustomDocument extends Component {
static async getInitialProps({ assets, data, renderPage }) {
const sheet = new ServerStyleSheet();
const page = await renderPage(App => props => sheet.collectStyles(<App {...props} />));
const styleTags = sheet.getStyleElement();
return { assets, data, ...page, styleTags };
}
render() {
const {
rootId,
dataId,
helmet,
assets,
data,
styleTags,
} = this.props;
return (
<html lang="en">
<head>
<meta httpEquiv="X-UA-Compatible" content="IE=edge" />
<meta charSet="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
{styleTags}
</head>
<body>
<CentariusRoot id={rootId} />
<CentariusData id={dataId} data={data} />
<script
type="text/javascript"
src={assets.client.js}
defer
crossOrigin="anonymous"
/>
</body>
</html>
);
}
To use custom document, you need to pass it on server file
// server.js
import express from 'express';
import { render } from 'centarius/server';
import routes from './routes';
import Doc from './Document';
const assets = require(process.env.RAZZLE_ASSETS_MANIFEST);
const server = express();
server
.disable('x-powered-by')
.use(express.static(process.env.RAZZLE_PUBLIC_DIR))
.get('/*', async (req, res) => {
if (req.url.match(/.map$/)) return;
try {
const html = await render({
req,
res,
assets,
staticMethod: 'fetchData',
customThing: 'thing',
document: Doc,
// Anything else you add here will be made available
// within static method in server
// e.g a redux store, etc.
});
res.send(html);
} catch (error) {
res.json(error);
}
});
export default server;
You can provide a custom (potentially async) rendering function as an option to Centarius render
function, just like After.js.
If it presents, it will be used instead of the default ReactDOMServer renderToString function.
It has to return an object of shape { html : string!, ...otherProps }
, in which html
will be used as the rendered string.
otherProps
will be passed as props to the rendered Document.
defaultRenderer = (node) => ({ html: ReactDOMServer.renderToString(node) })
Example
// server.js
import express from 'express';
import { render } from 'centarius/server';
import { Capture } from 'react-loadable';
import { getBundles } from 'react-loadable/webpack';
import stats from 'build/react-loadable.json';
import configureStore from 'store/configureStore';
import routes from './routes';
import Doc from './Document';
const assets = require(process.env.RAZZLE_ASSETS_MANIFEST);
const server = express();
server
.disable('x-powered-by')
.use(express.static(process.env.RAZZLE_PUBLIC_DIR))
.get('/*', async (req, res) => {
if (req.url.match(/.map$/)) return;
try {
const preloadedState = {};
const store = configureStore(preloadedState);
const modules = [];
const customRenderer = (node) => {
const CustomApp = (
<Capture report={(moduleName) => modules.push(moduleName)}>
<Provider store={store}>{node}</Provider>
</Capture>
);
const bundles = getBundles(stats, modules);
const chunks = bundles.filter((bundle) => bundle.file.endsWith('.js'));
return {
chunks,
store, // notice that this will passed into document
html: renderToString(CustomApp),
};
};
const html = await render({
req,
res,
routes,
assets,
staticMethod: 'fetchData',
customThing: 'thing',
document: Doc,
store, // this will be passed in static method in server
// Anything else you add here will be made available
// within static method in server
// e.g a redux store, etc.
});
res.send(html);
} catch (error) {
res.json(error);
}
});
export default server;
Package | Version | Dependencies | Description |
---|---|---|---|
centarius | Core package. Required | ||
@centarius/state-hoc | State HOC for Centarius | ||
@centarius/react-loadable | React Loadable HOC for Centarius |
This project is licensed under the MIT License - see the LICENSE.md file for details
FAQs
♥ Sweet React SSR for Everyone ♥
The npm package centarius receives a total of 17 weekly downloads. As such, centarius popularity was classified as not popular.
We found that centarius demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.