UNPKG

sharetribe-flex-sdk

Version:

Sharetribe SDK for JavaScript

github.com/sharetribe/flex-sdk-js

sharetribe/flex-sdk-js

115 lines (86 loc) 3.36 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
# Token store Token store is a pluggable SDK module, that stores the user's session information. The SDK ships with three token store implementations. They are: ### Browser cookie store Reads and stores the session information to HTTP cookie. This token store is used by default, if SDK is used in environment where cookie are available (i.e. browser). The constructor takes the following options: | Key | Descriotion | | --- | ----------- | | `clientId` | The clientId | | `secure` | Boolean. When `true`, the cookie will be transferred only with HTTPS requests | **Please note:** Some browsers, like Google Chrome, do not set cookies when using `file:///` protocol. In this case, you can use [Memory store](#memory-store). ### Express cookie store This token store is meant to be used with [Express.js](https://expressjs.com/) server. Read and stores the session information to HTTP cookie. The constructor takes the following options: | Key | Descriotion | | --- | ----------- | | `clientId` | The clientId | | `req` | Express.js request | | `res` | Express.js response | | `secure` | Boolean. When `true`, the cookie will be transferred only with HTTPS requests | **Example:** Create new SDK instance with Express cookie store: ``` js const express = require('express'); const cookieParser = require('cookie-parser'); const sharetribeSdk = require('sharetribe-flex-sdk'); const app = express(); // The token store expects that cookieParser middleware is in use app.use(cookieParser()); app.get('/', (req, res) => { // Initialize the SDK instance const sdk = sharetribeSdk.createInstance({ clientId: "<your Client ID>", baseUrl: "<your Base URL>", tokenStore: sharetribeSdk.tokenStore.expressCookieStore({ clientId: "<your Client ID>", req, res, secure: true // Set to true, if you are using HTTPS }), }); // Call the SDK to preload listings sdk.listings.search({ ... }).then((listingsResult) => { // do rendering etc. }); }); ``` **Serious security note:** Always create a new SDK instance per each request! Do not store and reuse the SDK instance or you may end up mixing user sessions. **❌ Example:** DON'T DO THIS! ``` js // DON'T DO THIS! // let sdk; app.get('/', (req, res) => { // Initialize the SDK instance sdk = sharetribeSdk.createInstance({ clientId: "<your Client ID>", baseUrl: "<your Base URL>", tokenStore: sharetribeSdk.tokenStore.expressCookieStore({ clientId: "<your Client ID>", req, res, secure: true // Set true, if you are using HTTPS }), }); // Call the SDK to preload listings sdk.listings.search({ ... }).then((listingsResult) => { // do rendering etc. }); }); app.get('/something_else', (req, res) => { // OOPS! The previous user session is used here! sdk.listings.search({ ... }).then((listingsResult) => { // do rendering etc. }); }); ``` ## Memory store Memory store stores the session information to application memory. The session information is lost when the page is refreshed. This store is mainly used for testing and development. In case you are testing locally from `file:///`, you may need to use memory store, because some browsers (e.g. Google Chrome) do not save cookies when using `file:///` making the default [Browser cookie store](#browser-cookie-store) unusable.