api-session

!Build Status

A session manager for APIs

📦 Installation

``sh
npm install @janiscommerce/api-session
`

:gear: API

The package exports two classes ApiSession and ApiSessionError.

$3

Creates an APISession with the authorizationData provided or the client for direct injection.

#### Parameters

- authorizationData is an optional _object_ with the following (also optional) properties: { userId, clientId, clientCode, profileId, permissions, hasAccessToAllLocations, locations, warehousesIds }
- client is an optional _object_ for client injection without performing any DB gets

$3

Validate if the location given is valid for the session. It validates against the locations and the hasAccessToAllLocations boolean.
Returns Boolean.

$3

Validate if the warehouse given is valid for the session. It validates against the warehousesIds and the hasAccessToAllLocations boolean.
Returns Boolean.

$3

ApiSession has the following getters:

* userId {string} The ID of the user or undefined in case there is no user
* userIsDev {boolean} If user is dev
* serviceName {string} The name of the service or undefined in case there is no service
* isService {boolean} If session is associated to a service
* clientId {string} The ID of the client or undefined in case there is no client
* clientCode {string} The code of the client or undefined in case there is no client
* currency {string|undefined} The currency of the client or undefined in case there is no client nor currency related. _Since 3.4.0_
* currencyDisplay {string} The currency display of the client or default value in case there is no client. Possible values: code, symbol. Default: symbol. _Since 3.4.0_
* profileId {string} The ID of the profile or undefined in case there is no profile
* hasAccessToAllLocations {boolean} If has access to all locations
* locations {array} The List of Locations to which the user has permissions
* warehousesIds {array} The List of Warehouses to which the user has permissions. _Since 3.3.0_
* permissions {array} The permission keys or undefined in case there are no permissions associated
async* client {object} Resolves to the client object with the getInstance() method injected. The properties depend on your client internal structure. The client is injected with a getInstance() method to propagate the session to other instances.

Model Client

The package uses the Client Model in our service for getting the clients. For more information see @janiscommerce/model

Usage

`js
const { ApiSession, ApiSessionError } = require('@janiscommerce/api-session');
`

Examples

`js
const { ApiSession } = require('@janiscommerce/api-session');

const SomeModel = require('../models/some-model');

const session = new ApiSession({
userId: 1,
userIsDev: false,
clientId: 2,
clientCode: 'janis',
profileId: 5,
permissions: [
'catalog:product:read',
'catalog:product:write'
],
locations: ['location-1'],
hasAccessToAllLocations: false
});

console.log(Session created for user ${session.userId} on client ${session.clientCode}.);

const sessionInjectedModel = session.getSessionInstance(SomeModel, 'some-param', 'some-other-param');

console.log(Session is propagated for user ${sessionInjectedModel.session.userId} on client ${sessionInjectedModel.session.clientCode}.);

const client = await sessionInjectedModel.session.client;

console.log(client);
// Outputs your client object

const hasAccess = session.validateLocation('location-1');

console.log(Session has access to location 1: ${hasAccess});
// Outputs 'Session has access to location 1: true'
``