Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
rw-api-microservice-node
Advanced tools
Readme
Library to register and integrate microservices in the RW API.
Supports Koa 2.x and 1.x frameworks.
Using NPM:
npm install --save rw-api-microservice-node
Using Yarn:
yarn add rw-api-microservice-node
In the listen
callback of your Koa application, add the following code snippet:
const Koa = require('koa');
const RWAPIMicroservice = require('rw-api-microservice-node')
const app = new Koa();
app.use(RWAPIMicroservice.bootstrap({
logger: logger,
microserviceToken: '<your microservice token>',
gatewayURL: '<your gateway URL>',
fasltyEnabled: true,
fastlyServiceId: '<your Fastly service id>',
fastlyAPIKey: '<your Fastly API key>',
awsRegion: '<your AWS region>',
awsCloudWatchLogStreamName: '<your AWS CloudWatch log stream name>',
}))
// Make sure you add your auth-depending routes *after* bootstraping this module
const server = app.listen(process.env.PORT, () => {
logger.info('Server started!');
});
These are the values you'll need to provide when using this library:
See this link for details on how to get Fastly credentials.
Argument name | Type | Description | Required? | Default value |
---|---|---|---|---|
logger | Object | A bunyan logger object, for logging purposes | yes | |
gatewayURL | string | The URL of the API as a whole, where all other services will be reachable | yes | |
microserviceToken | string | JWT token to use on calls to other services | yes | |
skipAPIKeyRequirementEndpoints | Array | List of object containing a method and pathRegex . Incoming requests that match one of the elements on the list will bypass API Key requirement. | no | |
fastlyEnabled | boolean | If set to true , the Fastly integration will be enabled | yes | |
fastlyServiceId | string | Access credentials to the Fastly API | if Fastly enabled | |
fastlyAPIKey | string | Access credentials to the Fastly API | if Fastly enabled | |
requireAPIKey | boolean | If API keys are required. If set to true, requests with no API key automatically get a HTTP 403 response. | no | true |
awsCloudWatchLoggingEnabled | boolean | If API key usage should be logged to AWS CloudWatch. | no | true |
awsRegion | string | Which AWS region to use when logging requests to AWS CloudWatch. | yes | |
awsCloudWatchLogGroupName | string | Which CloudWatch Log Group name to use when logging requests to AWS CloudWatch. | no | 'api-keys-usage' |
awsCloudWatchLogStreamName | string | Which CloudWatch Log Stream name to use when logging requests to AWS CloudWatch. | yes |
FAQs
Integration library for the RW API microservice
The npm package rw-api-microservice-node receives a total of 5 weekly downloads. As such, rw-api-microservice-node popularity was classified as not popular.
We found that rw-api-microservice-node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.