git leaks, improve readme

descope · asafshen · Apr 9, 2023 · Apr 6, 2023 · Apr 6, 2023 · Apr 6, 2023
commit 5590468a68fa1bdf6300675477302c37a0bb2ad7
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -3,6 +3,25 @@ on: push
 env:
  NODE_VERSION: 18.2
 jobs:
+ gitleaks:
+ name: 🔒 Run Git leaks
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+ - uses: actions/setup-node@v3
+ with:
+ node-version: ${{ env.NODE_VERSION }}
+ # Skip post-install scripts here, as a malicious
+ # script could steal NODE_AUTH_TOKEN.
+ - name: Install dependencies
+ run: npm ci --ignore-scripts
+ env:
+ CI: true
+ NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+ - name: Gitleaks
+ run: npm run leaks
+ shell: bash
  pr:
  name: 👷 Build / Lint / Test
  runs-on: ubuntu-latest
@@ -22,6 +41,7 @@ jobs:
  env:
  CI: true
  NODE_AUTH_TOKEN: ${{ secrets.CI_NPM_READ_ORG }}
+
  - name: Build
  run: pnpm run build
  env:

diff --git a/package.json b/package.json
@@ -7,6 +7,7 @@
  "postbuild:ci_": "pnpm -r $(npm run print-affected:ci | tail -n 1 | sed 's/, / --filter /g;s/^/--filter /') exec pwd | sed 's/$/\\//' | xargs -I {} rsync -av --progress {} /Users/nirgurarie/dev/monorepo-playground/dist/packages/ --exclude node_modules",
  "build": "nx affected --target build",
  "build:ci": "pnpm affected:ci --target build --parallel 1",
+ "leaks": "bash ./tools/scripts/gitleaks/gitleaks.sh",
  "lint": "nx affected --target lint --fix=true",
  "lint:ci": "pnpm affected:ci --target lint",
  "test": "nx affected --target test",

diff --git a/packages/web-js-sdk/README.md b/packages/web-js-sdk/README.md
@@ -17,7 +17,11 @@ import descopeSdk, { getSessionToken } from '@descope/web-js-sdk';
 
 const myProjectId = 'xxx';
 // Passing persistTokens as true will make `sdk.getSessionToken()` available, see bellow
-const sdk = descopeSdk({ projectId: myProjectId, persistTokens: true });
+const sdk = descopeSdk({
+ projectId: myProjectId,
+ persistTokens: true,
+ autoRefresh: true,
+});
 
 sdk.onSessionTokenChange((newSession, oldSession) => {
  // handle session token change...
@@ -26,11 +30,28 @@ sdk.onSessionTokenChange((newSession, oldSession) => {
 sdk.onUserChange((newUser, oldUser) => {
  // handle user change...
 });
+
+// It is common to call the refresh function after sdk initialization, for a case that the browser has the refresh token on storage/cookie
+// Note that if autoRefresh is true, and refresh is successful -
+// The sdk will automatically continue to refresh the token
+sdk.refresh();
+
+// Alternatively - use the sdk's available authentication methods to authenticate the user
 const userIdentifier = 'identifier';
-sdk.otp.signIn.email(userIdentifier);
+let res = await sdk.otp.signIn.email(userIdentifier);
+if (!res.ok) {
+ throw Error('Failed to sign in');
+}
+
+// Get the code from email and
+const codeFromEmail = '1234';
+res = await sdk.otp.verify.email(userIdentifier, codeFromEmail);
+if (!res.ok) {
+ throw Error('Failed to sign in');
+}
 
 // Get session token
-// can be used to pass token to server on header
+// Can be used to pass token to server on header
 const sessionToken = sdk.getSessionToken();
 ```