@abhijitmehta
Last active July 21, 2021 12:24
Example serverless function (tested on Netlify Functions) that one could call from their frontend application to retrieve results from Impala REST API

This is an example serverless function (tested on Netlify Functions) that you could call from your frontend application to retrieve results from the Impala REST API.

ℹ️ Below is a reference architecture for one secure way of calling Impala APIs (or any external API, for that matter) from your frontend application.

❌ NEVER STORE YOUR CREDENTIALS ON CLIENT SIDE.

  • Store your credentials server-side. Call the external API from a server-side endpoint and pass the response on to the frontend.
  • For ease, you can build a lean endpoint on any serverless offering you prefer, such as AWS Lambda or Azure/Google/Vercel Functions.

⚠️ Remember

  • For web apps, all the frontend code is visible in the browser. By storing your API credentials on the client side, you expose them and leave them open to compromise.
  • For mobile apps, one could reverse engineer your app on the device and find your credentials.

Impala REST API From Frontend

/*
This is an example serverless function (tested on Netlify Functions) that one could call from their frontend application
to retrieve results from the Impala REST API.
Also attached is one of the secure ways of calling Impala APIs (any external APIs, for that matter) from your frontend application.
NEVER STORE YOUR CREDENTIALS ON CLIENT SIDE.
- Store your credentials server-side. Call the external API from this endpoint and pass the response on to the frontend.
- For ease, you can build a lean endpoint on any preferred serverless offering like AWS Lambda or Azure/Google/Vercel Functions.
Remember
- For web apps, all the frontend code is visible in the browser. By storing your API credentials on the client side, your credentials are exposed and open to being hacked.
- For mobile apps, one could reverse engineer your app on the device and find your credentials.
*/
import axios from 'axios';
import 'dotenv/config'; // loads IMPALA_API_KEY from .env for local development

export async function handler(event, context) {
  const { queryStringParameters } = event;
  const latitude = queryStringParameters?.latitude;
  const longitude = queryStringParameters?.longitude;

  // replace with your actual query in the API call
  const url = new URL('https://sandbox.impala.travel/v1/hotels?size=12&offset=0&sortBy=createdAt%3Adesc');
  if (latitude && longitude) {
    // Caller-supplied values go through searchParams so they are encoded and
    // cannot append extra parameters to the upstream query.
    url.searchParams.set('latitude', latitude);
    url.searchParams.set('longitude', longitude);
    url.searchParams.set('radius', '10000');
  }

  try {
    const response = await axios.get(url.toString(), {
      headers: {
        // The key is read from the server-side environment and never sent to the browser.
        'x-api-key': `${process.env.IMPALA_API_KEY}`,
        Accept: 'application/json',
      },
    });
    return {
      statusCode: 200,
      body: JSON.stringify(response.data),
    };
  } catch (err) {
    // Log the message only: the full axios error object carries the request
    // config, including the x-api-key header.
    console.log(err.message); // output to netlify function log
    return {
      statusCode: 500,
      body: JSON.stringify({ msg: err.message }),
    };
  }
}
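
One way to check the "never store your credentials on client side" rule before a deploy, as an added example that is not part of the original gist: scan the text of the built frontend files for the API key (raw, base64 or percent-encoded) and for the `x-api-key` header name. The file names, the `hotels` function name and the key value are constructed; reading your real build output and passing the key from the server-side environment is left to the caller.

```javascript
// Added example: scan built frontend files for a server-side API key.
// All file names, file contents and the key value below are constructed.

// Forms of the secret that can survive bundling: as-is, base64, percent-encoded.
function secretForms(secret) {
  const forms = new Map(); // value -> label; identical encodings are merged
  const candidates = [
    ['raw', secret],
    ['base64', Buffer.from(secret, 'utf8').toString('base64')],
    ['percent-encoded', encodeURIComponent(secret)],
  ];
  for (const [label, value] of candidates) {
    if (!forms.has(value)) forms.set(value, label);
  }
  return forms;
}

// files: { relativePath: fileText }. Findings never echo the key itself.
function scanBundle(files, secret) {
  if (typeof secret !== 'string' || secret.length < 8) {
    throw new Error('refusing to scan for an empty or very short secret');
  }
  const findings = [];
  for (const [file, text] of Object.entries(files)) {
    for (const [value, label] of secretForms(secret)) {
      const offset = text.indexOf(value);
      if (offset !== -1) findings.push({ file, kind: `api key (${label})`, offset });
    }
    // The header name alone means browser code talks to the API directly.
    const header = text.search(/x-api-key/i);
    if (header !== -1) findings.push({ file, kind: 'x-api-key header', offset: header });
  }
  return findings;
}

// Constructed build output: one file uses the proxy, two embed the key.
const SAMPLE_KEY = 'sandbox_CONSTRUCTED_KEY_0001';
const SAMPLE_FILES = {
  'assets/app.js': 'fetch("/.netlify/functions/hotels?latitude=51.5&longitude=-0.12")',
  'assets/legacy.js': `axios.get(u,{headers:{"x-api-key":"${SAMPLE_KEY}"}})`,
  'assets/cfg.js': `window.CFG="${Buffer.from(SAMPLE_KEY).toString('base64')}"`,
};

for (const f of scanBundle(SAMPLE_FILES, SAMPLE_KEY)) {
  console.log(`${f.file}: ${f.kind} at offset ${f.offset}`);
}
```

A non-empty result should fail the build; the file that only calls the proxy function produces no findings.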