feat: express example #50

Merged
merged 31 commits into from
May 23, 2023

kwajiehao
Contributor

This is a rejig of #43 with a few major changes:

  1. Frontend is no longer pulled and delivered statically, but run separately as a SPA (see https://github.com/opengovsg/sgid-demo-frontend-spa)
  2. As part of that, configure CORS to work with the SPA
  3. Update documentation
  4. Update to use sgid-client v2.0.0, which uses PKCE by default

mantariksh and others added 24 commits May 5, 2023 12:00
This commit deletes the fetching of the static frontend because
we want to shift to a model of hosting the frontend separately from
the backend. The reason for this is that having a backend server
+ separate frontend SPA is a more common mode of development and
deployment
This commit makes a few changes:
1. Install CORS
2. Configure CORS to work with the frontend SPA
3. Remove code that serves the static frontend

This is in accordance with what we discussed, since a backend +
frontend SPA development pattern is expected to be most common.
@kwajiehao kwajiehao requested a review from raynerljm May 17, 2023 08:33
Contributor

do we need to add instructions here on how to run the frontend?

Contributor Author

updated in ca6c50a

Contributor

@raynerljm raynerljm left a comment

mostly looks good! just some small nits - thanks for fixing this up! 🌮

// Exchange the authorization code and code verifier for the access token
const { accessToken, sub } = await sgid.callback({
code: authCode,
nonce: session.nonce,
Contributor

nit: should we destructure the nonce and codeVerifier from the session? because in /userinfo the values are being extracted from the session before being passed to userinfo (might also make passing the params a bit neater)

Contributor Author

fixed it in the callback code in aca2c32

i didn't fix it for userinfo because you can't destructure an undefined item (session is possibly undefined). We could check for whether session is defined first, but since we also need to check for access token and sub, it doesn't really make sense to destructure there

@kwajiehao kwajiehao requested a review from raynerljm May 23, 2023 08:01
Contributor

@raynerljm raynerljm left a comment

just 2 minor suggestions! other than that LGTM :D

apiRouter.get('/logout', async (_req, res) => {
apiRouter.get('/logout', async (req, res) => {
const sessionId = String(req.cookies[SESSION_COOKIE_NAME])
// eslint-disable-next-line @typescript-eslint/no-dynamic-delete
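
Review bot: `String(req.cookies[SESSION_COOKIE_NAME])` coerces a missing cookie to the literal string "undefined", so the dynamic delete that the `eslint-disable-next-line` comment covers would run against a key that was never a real session id. Read the cookie without `String()`, respond early when it is not a non-empty string, and delete only after that check; the same check keeps client-supplied values such as `__proto__` from being used as a property name on a plain object.
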
Contributor

nit: if we have to disable this rule, should we consider either turning off the rule or using javascript Maps instead?

Contributor Author

Since Map is not fully supported by all browsers, I chose to turn off the rule instead. fixed in beef837
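
The two points discussed in this thread (narrowing a possibly undefined session before destructuring in `/userinfo`, and a Map in place of a dynamically deleted object key in `/logout`), as an added example that is not code from this pull request. `Session`, `sessions`, `readSessionId`, `logout`, `userinfoInputs` and the cookie name value are assumptions; the handlers are reduced to plain functions over a parsed cookie object so the block runs without Express.

```typescript
// Added example: every name here is hypothetical, not taken from the repository.
type Session = {
  nonce?: string
  codeVerifier?: string
  accessToken?: string
  sub?: string
}

const SESSION_COOKIE_NAME = 'exampleSessionId' // constructed value

// A Map keeps session ids apart from Object.prototype keys, so no dynamic
// `delete obj[key]` (and no eslint-disable comment) is needed.
const sessions = new Map<string, Session>()

// Return the cookie value only when it is a non-empty string. There is no
// String() coercion, which would turn a missing cookie into the key "undefined".
function readSessionId(cookies: Record<string, unknown>): string | undefined {
  const raw = cookies[SESSION_COOKIE_NAME]
  return typeof raw === 'string' && raw.length > 0 ? raw : undefined
}

// Logout: true only when an existing session was actually removed.
function logout(cookies: Record<string, unknown>): boolean {
  const sessionId = readSessionId(cookies)
  return sessionId !== undefined && sessions.delete(sessionId)
}

// Userinfo precondition: narrow the possibly undefined session once, then
// destructure. A missing session, accessToken or sub all mean "unauthorized".
function userinfoInputs(
  cookies: Record<string, unknown>,
): { accessToken: string; sub: string } | undefined {
  const sessionId = readSessionId(cookies)
  const session = sessionId === undefined ? undefined : sessions.get(sessionId)
  if (session === undefined) return undefined
  const { accessToken, sub } = session
  if (accessToken === undefined || sub === undefined) return undefined
  return { accessToken, sub }
}
```

In a route handler, an `undefined` result from `userinfoInputs` would map to a 401 response and a `false` from `logout` to a no-op.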

@kwajiehao kwajiehao merged commit baf5260 into develop May 23, 2023
@kwajiehao kwajiehao deleted the feat/examples-express-updated branch May 23, 2023 08:21