veritone-redux-common - npm Package Compare versions

Comparing version 2.0.0 to 2.1.0

CHANGELOG.md

@@ -25,1 +25,10 @@ # veritone-redux-common changelog
 > Now: apiRoot: 'https://api.veritone.com‘
+
+## 2.1.0
+* add an auth reducer to handle session and oauth tokens. Refactors stuff to use that rather than the user module.
+
+* add oauth grant flow that was previously in veritone-widgets
+
+* bump React to 16.2.0
+
+* remove minification from bundle for easier dev and debugging.

package.json

 {
   "name": "veritone-redux-common",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "dependencies": {
     "lodash": "^4.17.4",
     "prop-types": "^15.6.0",
-    "react": "^16.0.0",
+    "react": "^16.2.0",
     "react-redux": "^5.0.6",
@@ -29,3 +29,2 @@ "redux-api-middleware-fixed": "^1.2.0",
     "babel-jest": "^21.2.0",
-    "babel-minify-webpack-plugin": "^0.2.0",
     "enzyme": "^3.1.0",
@@ -32,0 +31,0 @@ "enzyme-adapter-react-16": "^1.0.2",

src/helpers/api/index.js

@@ -1,9 +0,17 @@
-import { selectSessionToken } from 'modules/user';
+import { selectSessionToken, selectOAuthToken } from 'modules/auth';
 
 export function commonHeaders(state) {
-  return {
-    Authorization: `Bearer ${selectSessionToken(state)}`,
+  const OAuthToken = selectOAuthToken(state);
+  const sessionToken = selectSessionToken(state);
+
+  let headers = {
     Accept: 'application/json',
     'Content-Type': 'application/json'
   };
+
+  if (OAuthToken || sessionToken) {
+    headers.Authorization = `Bearer ${OAuthToken || sessionToken}`;
+  }
+
+  return headers;
 }

src/modules/index.js

@@ -18,1 +18,9 @@ import uiStateReducer, * as uiStateModule from './ui-state';
 };
+
+import authRootSaga from './auth/oauthSaga'
+import authReducer, * as authModule from './auth';
+export const auth = {
+  reducer: authReducer,
+  ...authModule,
+  authRootSaga
+};

src/modules/user/index.js

@@ -11,2 +11,3 @@ import { CALL_API } from 'redux-api-middleware-fixed';
 import { getConfig } from 'modules/config';
+import { selectSessionToken } from 'modules/auth';
 
@@ -190,4 +191,4 @@ export const namespace = 'user';
 
-export function fetchUser({ token } = {}) {
-  let apiCall = {
+export function fetchUser() {
+  return {
     [CALL_API]: {
@@ -197,15 +198,5 @@ types: [FETCH_USER, FETCH_USER_SUCCESS, FETCH_USER_FAILURE],
       method: 'GET',
-      headers: {
-        Accept: 'application/json',
-        'Content-Type': 'application/json'
-      },
-      credentials: 'include'
+      headers: commonHeaders
     }
   };
-
-  if (token) {
-    apiCall[CALL_API].headers.Authorization = `Bearer ${token}`;
-  }
-
-  return apiCall;
 }
@@ -303,10 +294,2 @@
 
-export function selectSessionToken(state) {
-  return get(local(state), 'user.token');
-}
-
-export function selectApiToken(state) {
-  return get(local(state), 'user.apiToken');
-}
-
 export function enabledAppsFailedLoading(state) {
@@ -313,0 +296,0 @@ return local(state).fetchApplicationsFailed;

src/modules/user/index.test.js

@@ -140,2 +140,5 @@ import nock from 'nock';
           apiRoot: 'http://www.test.com'
+        },
+        auth: {
+          sessionToken: '123'
         }
@@ -150,23 +153,3 @@ });
     });
-
-    it('passes a session token through headers.Authorization if provided', function() {
-      const store = mockStore({
-        config: {
-          apiRoot: 'http://www.test.com'
-        }
-      });
-
-      const api = nock('http://www.test.com', {
-        reqheaders: {
-          authorization: 'Bearer my-test-token'
-        }
-      })
-        .get(/user/)
-        .reply(200);
-
-      return store
-        .dispatch(userModule.fetchUser({ token: 'my-test-token' }))
-        .then(() => api.done());
-    });
   });
 });

webpack.config.js

 const path = require('path');
-const MinifyPlugin = require("babel-minify-webpack-plugin");
 
@@ -20,3 +19,2 @@ module.exports = {
   plugins: [
-    new MinifyPlugin()
   ],
@@ -23,0 +21,0 @@ module: {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

600472

increased by193.01%

Dev dependency count

14

decreased by-6.67%

Number of package files

32

increased by6.67%

Lines of code

16434

increased by903.91%

Worsened metrics

Number of low supply chain risk alerts

34

increased by466.67%

Number of medium supply chain risk alerts

11

increased by1000%

Dependency changes

• Updatedreact@^16.2.0