Light

mfrachet / progressively Goto Github PK

View Code? Open in Web Editor NEW

5.0 5.0 0.0 10.24 MB

(In progress) personal feature flag solution

Home Page: https://mfrachet.github.io/progressively/

License: MIT License

JavaScript 1.65% TypeScript 96.64% CSS 0.69% Shell 0.20% Dockerfile 0.16% HTML 0.66%

progressively's Introduction

👋 Hello, I'm Marvin

I'm a french software developer loving testing automation and trying my best to focus on ethical solutions. Mostly building products with Typescript, React and React Native.

I used to build Strapi and Gatsby Cloud in a previous life.

Secretly dreaming of becoming an IT teacher.

progressively's People

Contributors

$mfrachet avatar$

Stargazers

Watchers

progressively's Issues

Limit resource access

Some endpoints were only verifying against the project ID passed as argument in order to determine whether the resource is forbidden or not.

Context

For instance, let's say we have a project A with env 1 and 2 and a project B with env 3.

If a user of the project A tries to get /projects/A/environments/1/flags, they get the flag of the env 1
If a user of the project A tries to get /projects/B/environments/13flags, they get a 403
HOWEVER, - If a user of project A tries to get /projects/A/environments/**3**/flags, they get the flags of the env 3 without having access to it.

Command to generate API tokens for swagger

Redis backend for websockets

Improve password constraints

Special chars
Length etc...
Remove the password generation constraint in project.controller when adding a member (filling an empty password instead of a math.random one)

Ping/Pong for websockets

Make sure to have ping/pong for websockets and eventually to fallback to API interval when the connection can't be established (polling instead of pushing when necessary)

find a way to start a mail server for E2E tests

Shift out of Chakra in order to use Radix / Stitches

Lerna is deprecated, find another tool

Dealing with anonymous users

In order to deal with advanced rollout strategies such as "percentage-based", the user id needs to exist in the field passed to the API.

In Progressively, the user ID should be passed in the fields props of the provider like following:

 const ssrProps = await getSSRProps("valid-sdk-key", {
    fields: {
      id: "1",
    },
  });

The problem appears when the user is anonymous: how to use a "consistent-ish" id to display the valid variant to the user on subsequent visits?

When running only client-side only (no SSR)

Generate the ID with nanoid in Nestjs #69
Store it in a cookie #69
Init WebSockets with the value in the cookie #72

When running on the server + client-side (with SSR)

Generate the user ID in Nestjs with nanoid #69
Send it back to the SSR client in a cookie #70
Init WebSockets with the value in the cookie #72

Does not seem necessary but to keep in mind

Not necessary since the API will always request using the field id

forward the request to the API
On subsequent requests, the client sends the cookie to the server (make sure to forward it from next to nestjs)

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.