Where to store javascript send grid api key safely? - javascript

Where to store javascript send grid api key safely?
I have an angular2 app and want to store the api key in a safe place.
I'm using firebase and have no server side code like c#.
How is best to do this in angular js without someone loking through source files online to nick it.
This is my current code:
sendGridTestEmail = () => {
//TODO - store this in safe place
var sendgrid_api_key = "";
var sendgrid = require('sendgrid')(sendgrid_api_key);
sendgrid.send({
to: 'test#gmail.com',
from: 'support#gmail.com',
subject: 'Hello Test',
text: 'My first email through SendGrid.'
}, function(err, json) {
if (err) { return console.error(err); }
console.log(json);
});
}

There is no way safely store any private key on the client.
You can run a server though that sends emails and stores this API key. AppEngine is one of the easiest ways to run a server with Firebase. The only supported Firebase client on AppEngine is Java client.
You can use the Firebase JVM Client with the SendGrid Java SDK, and run it on AppEngine.
Here's a tutorial that takes you through the process. The tutorial does build an Android app, but you can use Android Studio for the Google Cloud tools.

Related

Writing data in Service Worker to Cloud Firestore

I'm working on a Firebase project and I want to receive firebase cloud messages (send from a Node.js server) in my service worker in my javascript project. This works fine, but now I want to save some data in my firebase cloud firestore from my service worker after receiving the notification. And there is the problem, I'm running in the error listed below:
Uncaught ReferenceError: XMLHttpRequest is not defined at Ln.<anonymous> (xmlhttp.js:167) at Me (channelrequest.js:512) at Ce (webchannelbase.js:1249) at Kn.xa (webchannelbase.js:1251) at re (run.js:124)
Since a few days I'm trying to find the error, but could not find a solution until now. Therefore I hope that you can help me now. I've tried to save the data in the firebase realtime database which works, but because I need to have offline persistence, I had to switch to cloud firestore which runs in the error above.
Here is the code from my node.js server for sending the notification (userID and registrationToken is defined before):
payload = {
data: {
"title": "This is a Notification",
"body": "This is the body of the notification message."
},
};
options = {
priority: "high",
timeToLive: 7200
};
// send message to the registration token
admin.messaging().sendToDevice(registrationToken, payload, options).then(function(response) {
admin.firestore().collection("Logging").doc(userID).set({active: "true"});
}).catch(function(error) {
console.log("Error sending message:", error);
});
And here is the code for receiving the notification in my firebase-messagins service worker file (userID is defined before):
self.addEventListener('notificationclick', function(event) {
event.notification.close();
const keepAlive = async() => {
firebase.firestore().collection("Logging").doc(userID).update({"open": "true"});
}
event.waitUntil(keepAlive());
});
Can anyone help me, please? I have no more ideas for solving my problem :/
You can't use XMLHttpRequest inside of a service worker. Instead, you need to use the Fetch API.
Based on your code, it's the Firebase client library that's using XMLHttpRequest under the hood. I don't think that you have any control over that (at least not based on what I see in the current JavaScript documentation for Firebase).
Instead of using the Firebase client library in your service worker, you could try using the REST API directly, using fetch() to send your HTTP requests. You'll be responsible for things like authentication and setting whatever user ids, etc. that the client library would otherwise handle for you, but I think that's your best bet inside of a service worker.
Since version 9 the Firebase Web SDK uses fetch instead of XMLHttpRequest. So it works inside a service worker.

API authenticate to odoo with token

I want to authenticate to Odoo from an express application using token. I am using odoo-xmlrpc node module to connect Odoo with
my express app. Odoo requires users of the API to be authenticated before they can use any other API. And this node module provides this function
const odoo = new Odoo({
url: config.odooUrl,//odoo url
db: config.odooDB,//odoo db path
username: "john#gmail.com",
password: "john_pass123"
});
odoo.connect(function(err, uid) {
if (err) {
errors.auth = "invalid cridentials";
return res.status(400).send(errors);
}
//execute something from/to odoo server
})
The problem is, I have to enter the user's credentials every time I want to execute an Odoo command. And if I store the user's password it would be stored as a plain text.
My question is, is their token-based authentication to Odoo that can be used through API. Or any other alternative solution to my problem
Currently in Odoo unfortunatelly there is no good solution to this. There is work in progress for support for api token access and 2-factor authentication in this pull request: https://github.com/odoo/odoo/pull/33928.
There are also multiple Odoo rest api modules in app store that support token authentication. You can find these with seach ”rest api” or ”token”. To me none of these have been perfect for my use-cases. I look forward to get native support for this in Odoo Community.

Sending an email using Azure SDK

I use azure-graph in my Node.js project:
const MsRest = require('ms-rest-azure');
const credentials = await MsRest.loginWithServicePrincipalSecret(keys.appId, keys.pass, keys.tenantId, { tokenAudience: 'graph' });
const GraphkManagementClient = require('azure-graph');
const client = new GraphkManagementClient(credentials, subscriptionId);
return client.users.get(principalID);
I want to use the Azure SDK also to send emails.
I know how to do that in low level using the API directly:
But I want to do it via the SDK like the rest of my project.
My problem is, I have not found any method for sending an email in the docs: azure-graph package. I need a method that allows me (with the proper privileges of course) to send email as any user in the organization.
You can use the Graph JavaScript SDK which is a wrapper around the Microsoft Graph API that can be used server-side and in the browser to send mails to users. Please refer to Graph Javascript SDK to learn more about the same. Also, refer to nodejs-connect-sample to use Microsoft Graph API and the Graph JavaScript SDK to send an email.

Starting a SQL server

I'm trying to learn web programming and I don't know what I need to do.
What I'm trying to do: download data from a 3rd party website and load it into my own private SQL database.
What I've done so far: I'm working in visual studio 2017, I've got a console JavaScript project that gets the data via https request. I've also got a SQL server project working with a table ready to receive the data. I can make entries by manually doing an insert query using the visual studio interface.
What do I do next? How do I get the SQL server to listen for insert requests from an app? How do I get the data(simple arrays of numbers with no json or xml labels) from the JavaScript app to the sql server?
Once I get the JavaScript app and the server talking to eachother, can I take the next step and just have the sql server make the https requests directly?
Hoping that your are using nodejs application.
First install mssql
npm install mssql
You can try something like this.
const sql = require('mssql')
async () => {
try {
const pool = await sql.connect('mssql://username:password#localhost/database')
const result = await sql.query`insert into ... // your query`
console.dir(result)
} catch (err) {
// ... error checks
}
}
If you are not using nodejs probably any language might have basic mysql connector which you could install and start using

How can i implement GCM in meteor web application

I want to Send push notifications from meteor website to android application using Google cloud messaging.
The way I've done it is to use the package raix:push.
To do this, first install the package, then set up a config.push.json file in your root directory. This file contains the settings for the push notifications. The most basic file you can have that allows you to use Google cloud messaging is just:
{
"gcm":{
"apiKey":"yourApiKey",
"projectNumber": 000000000
}
}
Then you can send a push notification by calling a meteor method:
Meteor.methods({
"sendPush": function(title, text, userId){
Push.send({
from: 'yourName',
title: title,
text: text,
query:{userId: userId}
});
}
});
and also calling:
Push.allow({
// Change this to determine whether the user with id userId can send
// the notification
send: function(userId, notification) {
return true; // Allow all users to send
}
});
on the server.
The above method would send a push notification to a user with _id equal to userId. You can make the query more complicated to send multiple notifications at once, just keep in mind that the field with the user's id is called userId, since this package creates a new collection to emit notifications.
This package is documented quite well: https://github.com/raix/push. Just follow the instructions for android, and take a look at the simple example.
If you don't have an api key or project number, you can follow the instructions in the documentation to set up Google cloud messaging.

Categories