
@vansite/ts-sharetribe-flex-sdk


This is a TypeScript SDK for Sharetribe Flex API. It reduces the complexity of the API and provides a more user-friendly interface.

import { Request, Response } from "express";
import { AuthToken, TokenStore } from "../../types";
/**
 * Configuration options for the `ExpressStore`.
 *
 * The three cookie flags below (`secure`, `httpOnly`, `sameSite`) decide how
 * exposed the authentication-token cookie is. The documented defaults favour
 * compatibility with the browser-side store over hardening, so review each
 * one for production deployments.
 */
export type ExpressStoreOptions = {
    // NOTE(review): presumably the Sharetribe client id used to scope the
    // cookie; how it is used is not visible in this declaration file.
    clientId: string;
    /** Express request the token cookie is read from. */
    req: Request;
    /** Express response the token cookie is written to. */
    res: Response;
    /**
     * Whether to use secure cookies (HTTPS only).
     * Defaults to false. Set to true in production (HTTPS).
     *
     * While this is false the browser also sends the token cookie over plain
     * HTTP, where it can be observed in transit.
     */
    secure?: boolean;
    /**
     * Whether to set httpOnly flag (prevents JavaScript access).
     * Defaults to false to match the original Sharetribe SDK behavior and allow
     * the BrowserStore to share the same cookie. Setting to true will prevent
     * client-side JavaScript from reading or writing the token cookie, which
     * breaks the shared session model between server and client SDK instances.
     *
     * Security trade-off: with httpOnly off, any script running in the page's
     * origin can read the token cookie, so a cross-site scripting flaw exposes
     * the session token. Leave it false only when the shared-cookie model is
     * actually needed, and compensate with output encoding and a restrictive
     * Content-Security-Policy.
     */
    httpOnly?: boolean;
    /**
     * SameSite cookie attribute for CSRF protection.
     * Defaults to `"lax"` for balance of security and usability.
     *
     * `"none"` allows the cookie on cross-site requests and so removes this
     * CSRF mitigation; browsers also require the Secure attribute on
     * SameSite=None cookies, so pair it with `secure: true`.
     */
    sameSite?: "strict" | "lax" | "none";
};
/**
 * `ExpressStore` is an implementation of the `TokenStore` interface for managing authentication tokens via cookies in an Express application.
 *
 * **Note:** This store defaults to `httpOnly: false` to match the original Sharetribe SDK behavior.
 * Server and client SDK instances share the same cookie, so httpOnly must be false
 * for the BrowserStore to read/write the token set by the server.
 *
 * Because the cookie is then readable from page JavaScript, treat the token
 * as exposed to any script injected into the page; see the `httpOnly`,
 * `secure` and `sameSite` options on `ExpressStoreOptions`.
 */
declare class ExpressStore implements TokenStore {
    // NOTE(review): unit (seconds vs. milliseconds) and default are not
    // visible in this declaration file — confirm against the implementation.
    expiration: number;
    // Private members are emitted without types in declaration files; their
    // roles below are inferred from their names and should be confirmed.
    private namespace;
    private key;
    // Presumably holds the cookie attributes built from the constructor options.
    private cookieOptions;
    private req;
    private res;
    // Presumably the cached token that `getToken` checks before the cookies.
    private currentToken;
    /**
     * Initializes the `ExpressStore` with client-specific options.
     * @param options - Configuration options for the store.
     */
    constructor({ clientId, req, res, secure, httpOnly, sameSite }: ExpressStoreOptions);
    /**
     * Retrieves the authentication token, either from cache or from the request cookies.
     *
     * The call is synchronous: the declared return type is `AuthToken | null`,
     * not a promise.
     * @returns The `AuthToken`, or null if no token exists.
     */
    getToken(): AuthToken | null;
    /**
     * Stores the authentication token in a response cookie.
     * @param token - The authentication token to store.
     */
    setToken(token: AuthToken): void;
    /**
     * Removes the authentication token from the response cookies.
     */
    removeToken(): void;
    /**
     * Reads the authentication token from the request cookies.
     * @returns The `AuthToken` if present in cookies, otherwise null.
     */
    private readCookie;
}
export default ExpressStore;