Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
zmp-developer-token
Advanced tools
If you're tired of copying the access token every 1 hour, this library is for you
If you're tired of copying the access token every 1 hour, this library is for you
npm install -D zmp-developer-token
import { getDeveloperAccessToken } from "zmp-developer-token";
import api from "zmp-sdk";
async function getAccessToken() {
await api.login();
let token = await api.getAccessToken();
if (token === "DEFAULT ACCESS TOKEN") {
token = await getDeveloperAccessToken();
}
return token;
}
If you have multiple mini apps inside one domain, specify a unique namespace:
await getDeveloperAccessToken("my-app");
You need to provide a valid App ID (which provides the access token), App Secret (to get new tokens) and an initial Refresh Token (which will last many months, and keep renewed automatically until you lost it).
localStorage.setItem("zdt.appId", "");
localStorage.setItem("zdt.appSecret", "");
localStorage.setItem("zdt.refreshToken", "");
Only execute the above scripts inside Devtools > Console
. Do not put it inside of your source code ☠️
Copyright (c) Zalo Group. and its affiliates. All rights reserved.
The examples provided by Zalo Group are for non-commercial testing and evaluation purposes only. Zalo Group reserves all rights not expressly granted.
FAQs
If you're tired of copying the access token every 1 hour, this library is for you
The npm package zmp-developer-token receives a total of 656 weekly downloads. As such, zmp-developer-token popularity was classified as not popular.
We found that zmp-developer-token demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.