algoliasearch-client-javascript
algoliasearch-client-javascript copied to clipboard
feat(auth): introduce WithinBody option for AuthMode
fixes #1035
Implementation is done by:
- adding a new auth mode
- adding data as the return type for createAuth
- expose data from transporter
- serialize transporter data
- map api key back to query parameter if GET
This doesn't automatically switch to body if the key is too long, the option authMode needs to be set
algoliasearch('', '', { authMode: AuthMode.WithinBody })
TODO
- [ ] tests
- [ ] validate this works
This pull request is automatically built and testable in CodeSandbox.
To see build info of the built libraries, click here or the icon next to each commit SHA.
Latest deployment of this branch, based on commit 9281ee9154cfc78d77d35cb4f299a4315a3bf21b:
Sandbox | Source |
---|---|
javascript-client-app | Configuration |
it's in the todo @tkrugg
@Haroenv Any news on this PR? It'd be great to have this released to fix #1035
Sorry, there was too many places to change in this unplanned PR, but withinHeaders should be an in-between solution, as it has a higher limit (but doesn't avoid a cors preflight request) @jpreynat
Thanks for the suggestion @Haroenv. But sadly we already tried using withinHeaders
and we have some cases where the limit is too small for us, preventing us from switching from version 3 to version 4.
Are there any plans on your side to have the withinBody
option released at some point?
At the moment it's not yet on the roadmap, as I made this pull request a while ago in an experiment. I will however ask the current owners of this repo whether they can take a look (@shortcuts, @millotp)
@Haroenv @shortcuts @millotp @tkrugg can this prioritized now? it's really preventing enterprise users from the full performance benefits of algolia if we can't use long secured api keys from the browser
Sorry, I'm not on this team anymore @humanbagel, but I do know that algoliasearch v3 had this feature, so you can use that before it's prioritised to be fixed. Someone who's actually on the api clients team can give more information on prioritisation