jsreport-public-reports
Advanced tools
jsreport extension for accessing reports with an access-token
Extension allows to share reports with non authenticated users by exposing single purpose access tokens.
npm install jsreport-public-reports
You can apply this extension also manually to jsreport-core
var jsreport = require('jsreport-core')()
jsreport.use(require('jsreport-public-reports')())
This depends on jsreport authentication, authorization, reports and blobstorage. This is untested on other blobs than in memory, but may work. The reason for this implicit dependency is to get content-length for the pdf stream. In the render requests you need to flag the request to save the report. See central jsreport report documentation.
/public-reports?access_token=jsreport_user_username&reportid=aYue6aCjHapVoDmq
Where access token is a js report username with read rights on the report resource.
This security model should be flexible for various use cases, but the primary use is that the jsreport client(usually the webserver) should generate a secure token and create a one-time user with readrights on one specific report.
Adapted from jsreport-public-templates and jsreport-reports by Asbjørn Lucassen (Sparebanken Sogn og Fjordane) 2018. Original works jsreport-core and jsreport-reports Copyright(c) 2018 Jan Blaha
FAQs
jsreport extension for accessing reports with an access-token
The npm package jsreport-public-reports receives a total of 5 weekly downloads. As such, jsreport-public-reports popularity was classified as not popular.
We found that jsreport-public-reports demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.