npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@accedo/accedo-one-express

v3.0.0

Published

The official Accedo One middleware for Express

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

ignaciolopezgomezignaciolopezgomezaccedo-productsaccedo-products

Keywords

AppGridAccedoAccedo OneSDKNode.jsExpressMiddleware

Readme

The Accedo One Express middleware npm

   _                    _           ___
  /_\   ___ ___ ___  __| | ___     /___\_ __   ___
 //_\\ / __/ __/ _ \/ _` |/ _ \   //  // '_ \ / _ \
/  _  \ (_| (_|  __/ (_| | (_) | / \_//| | | |  __/
\_/ \_/\___\___\___|\__,_|\___/  \___/ |_| |_|\___|

Summary

This is the official Accedo One middleware for Express.

The [Accedo One SDK] for Javascript(https://github.com/Accedo-Products/accedo-one-sdk-js/) provides an easy way to make use of Accedo One APIs. This middleware provides additional benefits and makes things even easier in the context of an Express app.

We follow semantic versioning, and you may have a look at our change log here.

Compatibility

This middleware is written in ES6 (with CommonJS modules rather than ES6 Modules).

This should work from version 4, but we test on, and recommend to use the latest LTS version of Node (currently Node 6, soon Node 8).

For earlier Node versions, you may try introducing a compilation step to ES5 (through Babel or Buble, for instance). Note we did not test this and strongly suggest not using a deprecated Node version as they may lack important security fixes.

Regarding Express, we support and test against version 4.

Features

Features inherited from the Accedo One SDK for Javascript :

  • easy access to Accedo One APIs
  • automatic deviceId creation when none was provided
  • automatic session creation when none was provided (lazy - only when needed)
  • automatic session re-creation when the existing one has expired (lazy)
  • ensures only one session will be created at a time, even if a request triggers concurrent Accedo One calls

Extra features provided by this Express middleware :

  • automatic creation of Accedo One client instances for each request, attached to the response object for further use
  • automatically passes the requester's IP onto Accedo One calls for analytics and geolocated services
  • automatic reuse of the deviceId through cookies (can be customized to use anything else based on requests)
  • automatic reuse of the sessionKey through cookies (can be customized to use anything else based on requests)

Note when you use the middleware, you should also configure Express to handle proxies correctly as we rely on the IP it gives us. Do read the Express doc, and the note on this further below.

For instance: app.set('trust proxy', ['loopback', 'linklocal', 'uniquelocal'])

Documentation

| What | Link |------|------ | The Accedo One Express middleware (this project) | https://accedo-products.github.io/accedo-one-sdk-express/ | The Accedo One JS SDK | https://accedo-products.github.io/accedo-one-sdk-js/ | The Accedo One REST APIs | https://developer.one.accedo.tv

Each Express response gets associated to an Accedo One client instance, found in res.locals.accedoOneClient (when res is the response variable name).

To find what methods are available on these instances, refer to the API docs for the Accedo One JS SDK listed above.

The doc for the REST APIs is also listed as Accedo One-specific terminology is defined there.

Installation

| Your preferred CLI tool | Command |------|------ |Yarn|yarn add @accedo/accedo-one @accedo/accedo-one-express |NPM|npm install --save @accedo/accedo-one @accedo/accedo-one-express

Then you can get the default export to use the middleware:

| Method | Code |------|------ |CommonJS| const accedoOne = require('@accedo/accedo-one-express') |ES6 Module| import accedoOne from '@accedo/accedo-one-express'

Examples

Use the middleware to persist deviceId and sessionKey via cookies

const accedoOne = require('@accedo/accedo-one-express');
const express = require('express');

const PORT = 3000;

express()
// handle proxy servers if needed, to pass the user's IP instead of the proxy's. Read more about this further.
.set('trust proxy', ['loopback', 'linklocal', 'uniquelocal'])
// place the accedoOne middleware before your request handlers
.use(accedoOne({ appKey: '56ea6a370db1bf032c9df5cb' }))
.get('/test', (req, res) => {
   // access your client instance, it's already linked to the deviceId and sessionKey via cookies
   res.locals.accedoOneClient.getEntryById('56ea7bd6935f75032a2fd431')
   .then(entry => res.send(entry))
   .catch(err => res.status(500).send('Failed to get the result'));
})
.listen(PORT, () => console.log(`Server is on ! Try http://localhost:${PORT}/test`));

See also examples in the documentation linked above.

SDK development

  • Clone/fork this repo
  • Run yarn (install it first if needed)
  • Develop !
  • Before pushing, remember to:
    • add tests and check they all pass (npm test)
    • document any public API with JSDoc comments and generate the new doc (npm run doc)

More information & Links

On the Express trust proxy setting, and propagating the right IP

This middleware will set the incoming request IP (let's call it ) in the x-forwarded-for (XFF) header, when sending requests to Accedo One. The value of is what Express decides is the user’s IP.

1/ Express just acts normally when no trust proxy is set, using the incoming connection IP. So it sets to the proper IP on direct user access, and the proxy (or CDN, or such)'s IP when the user went through that.

You want to avoid reporting any proxy's IP, because it would prevent Accedo One's analytics and geolocation features from working reliably.

2/ When setting trust proxy to true (or enabling it, which does the same thing), the behaviour changes. Now, the value of will be the first value given in the incoming request's XFF header. “First value” is the left-most value. So what we are saying is that we trust every single proxy, and whatever ends up in XFF is trusted, so we pick the value that was first set (which is the user's IP when everybody plays nice and respects that order). Also note, if there is no XFF header, then the connection’s IP is used as a fallback (that’s good ! it means we can handle both CDN and direct connections).

3/ When setting trust proxy to a CSV or array of IPs, those IPs are the proxies we trust. So Express looks at the XFF's right-most IP that does not match any of those trusted proxy: this would be the first “untrusted” IP, and we consider that anything that comes before that is garbage. In that case, the right-most untrusted IP is used as the value of . Here again, if there’s no XFF, the connection IP is used.

In conclusion, we recommend setting the trust proxy value to trust loopback, linklocal, uniquelocal, AND all IPs that are part of your proxying / CDN network ahead of the server running accedo-one-express. Depending on your infrastructure, it may sometimes be more suitable to just set the trust proxy setting to true, or to use a custom function to recover the proper IP with a custom strategy.

Unit Tests

Mocha (with Chai) unit tests have been written to cover all of the exported APIs from this module. Follow the following steps in order to run them:

  • Follow the Getting Started steps above.
  • Run npm test

License

See the LICENSE file for license rights and limitations (Apache 2.0)