Gathering detailed insights and metrics for react-native-action-cable-jwt
Gathering detailed insights and metrics for react-native-action-cable-jwt
Gathering detailed insights and metrics for react-native-action-cable-jwt
Gathering detailed insights and metrics for react-native-action-cable-jwt
React Native + Action Cable with Authetication JWT
npm install react-native-action-cable-jwt
Typescript
Module System
Node Version
NPM Version
JavaScript (100%)
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
6 Stars
15 Commits
2 Forks
2 Watchers
1 Branches
1 Contributors
Updated on Nov 20, 2018
Latest Version
1.0.3
Package Id
react-native-action-cable-jwt@1.0.3
Unpacked Size
4.91 kB
Size
2.21 kB
File Count
3
NPM Version
5.6.0
Node Version
8.11.4
Cumulative downloads
Total Downloads
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
1
Compatible 100% Rails 5 + GRAPHQL RUBY ~> '1.8.5'
Make your mobile application safer by avoiding to send tokens via url. Submit your jwt token from your application via the Action Cable header. Why not send JWT tokens via URL? read more: https://bit.ly/2nZ4GbS
npm install --save react-native-action-cable-jwt
1import ActionCableJwt from 'react-native-action-cable-jwt'; 2import ActionCableLink from 'graphql-ruby-client/subscriptions/ActionCableLink'; 3 4const url = 'http://YOUR_URL'; 5 6const wsUri = `ws://${url}/cable`; 7const actionCableJwt = ActionCableJwt.createConnection(async () => { 8 const token = await AsyncStorage.getItem('@token'); 9 return token; 10}); 11const cable = actionCableJwt.createConsumer(wsUri); 12const webSocketLink = new ActionCableLink({ cable }); 13
app/channels/graphql_channel.rb
1class GraphqlChannel < ApplicationCable::Channel 2 def subscribed 3 @subscription_ids = [] 4 end 5 6 def execute(data) 7 query = data['query'] 8 variables = ensure_hash(data['variables']) 9 operation_name = data['operationName'] 10 context = { 11 current_user: current_user, 12 channel: self, 13 } 14 15 result = YOURSCHEMA.execute(query: query, 16 context: context, 17 variables: variables, 18 operation_name: operation_name) 19 20 payload = { 21 result: result.subscription? ? {data: nil} : result.to_h, 22 more: result.subscription? 23 } 24 25 if result.context[:subscription_id] 26 @subscription_ids << context[:subscription_id] 27 end 28 29 transmit(payload) 30 end 31 32 def unsubscribed 33 @subscription_ids.each { |sid| 34 YOURSCHEMA.subscriptions.delete_subscription(sid) 35 } 36 end 37 38 private 39 40 def ensure_hash(ambiguous_param) 41 case ambiguous_param 42 when String 43 ambiguous_param.present? ? ensure_hash(JSON.parse(ambiguous_param)) : {} 44 when Hash, ActionController::Parameters 45 ambiguous_param 46 when nil 47 {} 48 else 49 raise ArgumentError, "Unexpected parameter: #{ambiguous_param}" 50 end 51 end 52end 53
app/channels/application_cable/connection.rb
1module ApplicationCable 2 class Connection < ActionCable::Connection::Base 3 identified_by :current_user 4 5 def connect 6 self.current_user = find_verified_user || reject_unauthorized_connection 7 end 8 9 def disconnect 10 # Any cleanup work needed when the cable connection is cut. 11 end 12 13 protected 14 def find_verified_user 15 header_array = request.headers[:HTTP_SEC_WEBSOCKET_PROTOCOL].split(',') 16 token = header_array[header_array.length-1] 17 return nil if token.blank? 18 # Example with authetication via GEM 'json_web_token' 19 current_user = AuthToken.verify(token) 20 return current_user ? current_user.id : nil 21 end 22 end 23end
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
no SAST tool detected
Details
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/15 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
license file not detected
Details
Reason
branch protection not enabled on development/release branches
Details
Score
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More