You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+27-1Lines changed: 27 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1150,7 +1150,7 @@ async function deleteRows() {
1150
1150
</details>
1151
1151
1152
1152
<details id="in-the-browser"><summary><strong>In the browser</strong></summary>
1153
-
<p>You can use <strong><i>Orange</i></strong> in the browser by using the adapter for Express. Instead of sending raw SQL queries from the client to the server, this approach records the method calls in the client. These method calls are then replayed at the server, ensuring a higher level of security by not exposing raw SQL on the client side.
1153
+
<p>You can use <strong><i>Orange</i></strong> in the browser by using the adapter for Express or Hono. Instead of sending raw SQL queries from the client to the server, this approach records the method calls in the client. These method calls are then replayed at the server, ensuring a higher level of security by not exposing raw SQL on the client side.
1154
1154
Raw sql queries, raw sql filters and transactions are disabled at the http client due to security reasons. If you would like Orange to support other web frameworks, like nestJs, fastify, etc, please let me know.</p>
1155
1155
1156
1156
<sub>📄 server.ts</sub>
@@ -1197,6 +1197,32 @@ async function updateRows() {
1197
1197
1198
1198
```
1199
1199
1200
+
__Hono adapter__
1201
+
1202
+
You can host the same HTTP endpoint with Hono by replacing `db.express()` with `db.hono()`. The browser client setup stays the same (`map.http(...)`), so you can reuse the `browser.ts` example above.
1203
+
1204
+
<sub>📄 server.ts</sub>
1205
+
1206
+
```ts
1207
+
importmapfrom'./map';
1208
+
import { Hono } from'hono';
1209
+
import { cors } from'hono/cors';
1210
+
import { serve } from'@hono/node-server';
1211
+
1212
+
constdb=map.sqlite('demo.db');
1213
+
constapp=newHono();
1214
+
1215
+
app.use('/orange', cors());
1216
+
app.use('/orange/*', cors());
1217
+
// for demonstrational purposes, authentication middleware is not shown here.
1218
+
app.all('/orange', db.hono());
1219
+
app.all('/orange/*', db.hono());
1220
+
1221
+
serve({ fetch:app.fetch, port:3000 });
1222
+
```
1223
+
1224
+
`baseFilter` and transaction hooks are also supported in `db.hono({...})`, using Hono-style request/response objects.
1225
+
1200
1226
__Interceptors and base filter__
1201
1227
1202
1228
In the next setup, axios interceptors are employed on the client side to add an Authorization header of requests. Meanwhile, on the server side, an Express middleware (validateToken) is utilized to ensure the presence of the Authorization header, while a base filter is applied on the order table to filter incoming requests based on the customerId extracted from this header. This combined approach enhances security by ensuring that users can only access data relevant to their authorization level and that every request is accompanied by a token. In real-world applications, it's advisable to use a more comprehensive token system and expand error handling to manage a wider range of potential issues.
0 commit comments