search

typesense / typesense-js

JavaScript / TypeScript client for Typesense
https://typesense.org/docs/api
Apache License 2.0
400 stars 74 forks source link

How can use in Node.js with client certificate for security #159

Open mhf-ir opened 1 year ago

mhf-ir commented 1 year ago

Description

I need to full control client in nodejs. server could be behind nginx with mutual tls validation. using httpsAgent

Steps to reproduce

how can i add in Node.js ENV add ca client-cert and client-key?

Expected Behavior

axios client certificate supported fully

Actual Behavior

there is no documentation for that. Even in server hardening configuration.

jasonbosco commented 1 year ago

Since axios supports global defaults, could you try doing something like this in your code:


const fs = require('fs');
const https = require('https');
const axios = require('axios');

// ...
const httpsAgent = new https.Agent({
  cert: fs.readFileSync('client.crt'),
  key: fs.readFileSync('client.key'),
  ca: fs.readFileSync('ca.crt'),
});

axios.defaults.httpsAgent = httpsAgent;
mhf-ir commented 1 year ago

options must pass as instance of http client. i think could be extra options that merge all axios options might be needed for any usecase. why not? global setting for entire library not good practice i think. specially when you using axios other part of your project.

however it's good to replace axios with native JS ecosystem fetch: https://caniuse.com/fetch And since version v16.15.0 added: https://nodejs.org/dist/latest-v16.x/docs/api/globals.html#fetch

for older browser: https://github.com/github/fetch (just be part of document)

<script>
if (!('fetch' in window)){
  document.write('<script src="https://cdn.jsdelivr.net/npm/whatwg-fetch@3.6.2/dist/fetch.umd.min.js"></script>');
}
</script>

many developer not care about older browser. could be enough