Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
interfacer
Advanced tools
Interfacer.js is a convenient module for working with RESTful API from Client.
Key Features:
yarn add interfacer
or
npm install interfacer --save
The most advanced feature, Interfacer.js provides, are 3 levels of configuration (Application level, Single Interface/Collection level, Request level). In every configuration level you can define things like defaultError
, baseUrl
, custom querybuilder
and more. Each level of configuration overrides previous (more global ones), so you can change everything, mid-action, on the fly if you need to.
Don't panic as you'll see all them references to Redux like dispatch
. Their's purpose is purely illustrative. you can provide any kind of function, that handles your data.
import interfacer from 'interfacer';
const globalConfig = {
baseUrl: 'http://localhost:8080/api',
defaultError: new Error('Something broke'),
errorHandler: ({error, message}) => dispatch({ type: 'API_ERROR', payload: message })
}
const createInterface = interfacer(globalConfig);
All of above settings will apply to every interface instance you create with this createInterface
function, unless overwritten by later configurations in more "local" level.
Also can be perceived as "collection level". In for example Redux I'd recommend to have one interface for each collection reducer. From server perspective, there is one interface per resource.
const localConfig = {
defaultError: new Error('Articles API error'),
querybuilder: myCustomQueryBuilder,
headers: { 'Content-Type': 'text/html' }
request: { mode: 'cors' },
flatMethod: parseXMLFunction,
errorHandler: err => dispatch({ type: 'API_ERROR', payload: err })
}
const articleInterface = createInterface('/articles', localConfig);
On Interface level you always specify resource
. That is route that will be appended to baseUrl
in all requests you do, with this interface. resource
string is always passed to createInterface
function as a first paramtere.
Obviously you can (and will) have many different Interfaces.
This final and most local level references to a certain requests you make with your interface. Each call returns a promise with your flattened (see flatMethod
) response.
const requestOptions = {
query: { fields: ['title', 'author']},
defaultError: new Error('Articles Collection failed to fetch')
};
articleInterface
.getCollection(requestOptions)
.then(data =>
dispatch({ type: 'RECIEVE_ARTICLES', payload: data })
);
Once you've created your interface network and configured it, it's time for you to do some fetching. Every interface has following methods get
, getCollection
, update
, create
and remove
. Once called, each function returns a Promise, that contains response of the fetch
as a frist parameter. Here is their API annotation.
get
(id :string | number, requestConfig? :Object) => Promise<Response>
getCollection
(requestConfig? :Object) => Promise<Response>
create
(body :Object, requestConfig? :Object) => Promise<Response>
remove
(id :ID, requestConfig? :Object) => Promise<Response>
update
(id :string, body :Object, requestConfig? :Object) => Promise<Response>
Property | Meaning | Type | Default |
---|---|---|---|
error | Error that gets sent to you via throwError fn once it occures | string or object | "unhandled" |
defaultError | If no error is found, defaultError gets sent to you | string or object | "unhandled" |
errorHandler | Function that gets called if error occurs. As first argument your error will be passed | console.error | |
headers | Object containting headers your request should have | object | "Content-Type": "application/json" |
flatMethod | Function that will be used on raw response from the fetch | function | .json() |
request | This object will be added to request options. It's the same as pasting an object into second argument of fetch function | {} | |
query | Object that gets passed to queryparser fn | object | {} |
baseUrl | baseUrl that your API runs on | string | "/" |
querybuilder | Function that transform query object into a query string | function | querybuilder |
makeBody | Function that'll be run on body, right before request is made. | function | body => body |
schema | If you're using normalizr you can specify, response will be normalized using this schema. | object |
Normalization of the response will take place after flatMethod
is applied. Also schema
property can be only configured in either Interface level
or Request level
config, as it doesn't really make sense to use one schema for all requests.
You can pass your own querybuilder
into any config, but you can also use default one. Annotation of querybuilder
looks like this
querybuilder(query :Object) => string
Default querybuilder
builds queries like this...
querybuilder({
filters: 'over18',
fields: ['title', 'years old']
});
// -> 'filters=over18&fields=title&fields=years%20old'
FAQs
Module for working with REST API
The npm package interfacer receives a total of 1 weekly downloads. As such, interfacer popularity was classified as not popular.
We found that interfacer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.