Gathering detailed insights and metrics for @egomobile/microservices
Gathering detailed insights and metrics for @egomobile/microservices
Shared library for microservices, written for Node.js in TypeScript.
Installations
npm install @egomobile/microservicesDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=12.0.0
Node Version
12.22.12
NPM Version
6.14.16
Score
40.5
Supply Chain
89.5
Quality
75.1
Maintenance
50
Vulnerability
75.9
License
Releases
Unable to fetch releases
Languages
2
TypeScript
JavaScript
TypeScript (99.61%)
JavaScript (0.39%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
LGPL-3.0 License
3 Stars
142 Commits
25 Branches
2 Contributors
Updated on May 22, 2024
Maintainers
5
Package Meta Information
Latest Version
2.0.0
Package Id
@egomobile/microservices@2.0.0
Unpacked Size
170.61 kB
Size
29.85 kB
File Count
65
NPM Version
6.14.16
Node Version
12.22.12
Published on
Dec 11, 2023
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
15
Peer Dependencies
9
@egomobile/microservices
Shared library for microservices, written for Node.js, in TypeScript.
Install
Execute the following command from your project folder, where your package.json file is stored:
1npm install --save @egomobile/microservices
Usage
Auth
Passwords
Hash passwords with bcrypt:
1import { checkPassword, checkPasswordSync, hashPassword, hashPasswordSync } from '@egomobile/microservices'; 2 3const hash1 = await hashPassword('test'); 4const doesMatch1 = await checkPassword('test', hash1); // true 5 6const hash2 = hashPasswordSync('test'); 7const doesMatch2 = checkPasswordSync('Test', hash2); // false
JWT
Sign and verify JSON Web Tokens:
1import { signJWT, verifyJWT } from '@egomobile/microservices'; 2 3interface IUserToken { 4 uuid: string; 5} 6 7const jwt = signJWT({ 8 uuid: 'cb246b52-b8cd-4916-bfad-6bfc43845597' 9}); 10 11const decodedToken = verifyJWT<IUserToken>(jwt);
Express
Use predefined Express middleware to verify and decode JWTs:
1import express from 'express'; 2import { withJWT } from '@egomobile/microservices'; 3 4const app = express(); 5 6app.get('/', withJWT(), async (request, response) => { 7 // decoded, valid user token is stored in: 8 // request.userToken 9}); 10 11app.listen(4242, () => { 12 console.log('Service is listening ...'); 13});
Azure AD
You can connect with Azure AD, by using passport and passport-azure-ad modules:
1import express from 'express'; 2import { setupAppForAzureAD } from '@egomobile/microservices'; 3 4const app = express(); 5 6const { withAzureADBearer } = setupAppForAzureAD(app); 7 8app.get('/', withAzureADBearer(), async (request, response) => { 9 // get decoded token 10 const authInfo: any = request.authInfo; 11 12 return response.json(authInfo); 13}); 14 15app.listen(4242, () => { 16 console.log('Service is listening ...'); 17});
Constants
| Name | Description | Example |
|---|---|---|
APPLICATION_INSIGHTS_KEY | Application Insights key. | dd7589fc-1cf9-413e-bf6c-aa1253858b55 |
AZURE_AD_AUDIENCE | Azure AD audience. | 6b3c51b9-7cc0-4327-a901-e5b889efbbaa |
AZURE_AD_CLIENT_ID | App ID for Azure AD. | 6b3c51b9-7cc0-4327-a901-e5b889efbbaa |
AZURE_AD_IDENTITY_METADATA | Identity metadata. | https://myazuread.b2clogin.com/myazuread.onmicrosoft.com/my_policy/v2.0/.well-known/openid-configuration |
AZURE_AD_IS_B2C | true if Azure AD is running in B2C context. | true |
AZURE_AD_LOGGING_LEVEL | Azure ADlogging level. Possible values are error, info or warn. | info |
AZURE_AD_PASS_REQ_TO_CALLBACK | true if Azure AD request should be passed to callback. | false |
AZURE_AD_POLICY_NAME | Azure AD policy name. | my_policy |
AZURE_STORAGE_CONNECTION_* | The string of the connection to the storage. | DefaultEndpointsProtocol=https;....windows.net |
AZURE_STORAGE_CONNECTION_*_CONTAINER | The name of the underlying container. | my_container |
AZURE_AD_VALIDATE_ISSUER | true if Azure AD issuer should be validated or not. | false |
BCRYPT_ROUNDS | The number of rounds for bcrypt hashing. Default: 10 | 12 |
EMAIL_FROM | The email from field. | no-reply@e-go-mobile.com |
EMAIL_HOST | The host for sending mail. | smtp.office365.com |
EMAIL_PASSWORD | The email password for authentication. | <some secure password> |
EMAIL_PORT | The port for sending mail. | 587 |
EMAIL_SECURE | Should the email be send encryted? | false |
EMAIL_USER | The email user for authentication. | no-reply@e-go-mobile.com |
EMAIL_TO | The email to field. | some@address.com |
JWT_SECRET | The secret for signing and validating JWT. | mySecretJWTSecret |
LOCAL_DEVELOPMENT | true if app running in local development context or not. | false |
LOG_LEVEL | The name of the logging level. | debug |
MONGO_DB | The name of the database to connect to. | myDatabase |
MONGO_IS_LAZY | If true, MongoDatabase will throw an error, if not enough configuration data is available, the first time an instance of it is used, instead the time an instance of it is created. | true |
MONGO_URL | The connection URL. | mongodb://mongo.example.com:27017 |
NATS_CLUSTER_ID | The name of the cluster, that contains all microservices. | my-cluster |
NATS_GROUP | The name of the pod group / Kubernetes deployment. | my-service-or-deployment |
NATS_URL | The URL to the NATS server. | http://my-nats-service:4222 |
POD_NAME | The name of the pod. This should come as imported metadata from Kubernetes. | my-service-or-deployment-xcsgbxv |
Diagnostics
The library uses winston as logger:
1import { logger } from '@egomobile/microservices'; 2 3logger.info('Hello e.GO!', { 4 file: __filename 5});
Application Insights
Setup Application Insights:
1import { setupApplicationInsights } from '@egomobile/microservices'; 2 3// you must define 'APPLICATION_INSIGHTS_KEY' 4// and must not be in local development context 5setupApplicationInsights();
Express
Schema
Use schema namespace, which is a link to embedded joi module, and build-in middlewares to validate input.
1import { schema, withDataURI, withSchema } from '@egomobile/microservices'; 2 3interface IMySchema { 4 email?: string; 5 first_name: string; 6 last_name: string; 7} 8 9const mySchema = schema.object({ 10 email: schema.string().strict().trim().email().optional() 11 first_name: schema.string().strict().trim().min(1).required() 12 last_name: schema.string().strict().trim().min(1).required() 13}).required(); 14 15 16// withSchema() will automatically add 17// middleware, created by express.json() 18// with a limit of 128 MB 19app.post('/user/register', withSchema(mySchema), async (request, response) => { 20 const body: IMySchema = request.body; 21 22 // ... 23}); 24 25// withDataURI() will automatically add middlewares 26// to parse the input 27app.put('/user/image', withDataURI(), async (request, response) => { 28 // data:<MIME>;base64,<BASE64-DATA> 29 30 const mime = request.headers['content-type'] as string; // <MIME> 31 const body: Buffer = request.body; // decoded <BASE64-DATA> 32 33 // ... 34});
MongoDB
Use MongoDatabase class, which has simple support to handle MongoDB connections:
1import { MongoDatabase } from '@egomobile/microservices'; 2 3const mongo = new MongoDatabase(); 4await mongoDb.connect(); 5 6// insert 7await mongo.insert('myCollection', [{ 8 uuid: '8d41b8fc-2110-4b05-91ff-0a40c007be9d', 9 last_name: 'Kloubert', 10 first_name: 'Marcel' 11}, { 12 uuid: '90b7191d-44ce-43c9-a6e3-b777a8b9c8a6', 13 last_name: 'M', 14 first_name: 'Tanja' 15}]); 16 17// find 18const docs = await mongo.find('myCollection', { 19 first_name: 'Tanja' 20}); 21 22// count 23const docsCount = await mongo.count('myCollection', { 24 first_name: 'Marcel' 25}); 26 27mongo.disconnect();
NATS
Connect to a NATS server:
1import { stan } from '@egomobile/microservices'; 2 3await stan.connect(); 4stan.exitOnClose();
Listener
Listen for events:
1import { NatsListener } from '@egomobile/microservices'; 2 3interface IMyEvent { 4 foo: string; 5 bar: number; 6} 7 8const myEventListener = new NatsListener<IMyEvent>('my.event'); 9 10myEventListener.onMessage = async (context) => { 11 // handle message in context.message of type IMyEvent 12}; 13 14myEventListener.listen();
Publisher
Publish events:
1import { NatsPublisher } from '@egomobile/microservices'; 2 3interface IMyEvent { 4 foo: string; 5 bar: number; 6} 7 8const myEventPublisher = new NatsPublisher<IMyEvent>('my.event'); 9 10await myEventPublisher.publish({ 11 foo: "TM+MK", 12 bar: 42 13});
Documentation
The API documentation can be found here.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: GNU Lesser General Public License v3.0: LICENSE:0
Reason
Found 4/14 approved changesets -- score normalized to 2
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/pull-request.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/egomobile/node-microservices/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/egomobile/node-microservices/publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/egomobile/node-microservices/publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/egomobile/node-microservices/pull-request.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/egomobile/node-microservices/pull-request.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:20
- Warn: npmCommand not pinned by hash: .github/workflows/pull-request.yml:20
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
34 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
- Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
- Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-vxvm-qww3-2fh7
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
- Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
2.7
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More