{"id":19645764,"url":"https://github.com/approov/quickstart-nodejs-koa_shapes-api","last_synced_at":"2026-05-20T07:03:30.199Z","repository":{"id":42470698,"uuid":"275169805","full_name":"approov/quickstart-nodejs-koa_shapes-api","owner":"approov","description":"An Approov Token integration example for NodeJS with Koa.","archived":false,"fork":false,"pushed_at":"2024-08-07T14:55:42.000Z","size":769,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-01-09T20:53:15.110Z","etag":null,"topics":["api","api-security","approov","approov-backend","approov-backend-quicksart","approov-integration","approov-quickstart","nodejs","security"],"latest_commit_sha":null,"homepage":"https://approov.io","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/approov.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-26T14:03:14.000Z","updated_at":"2024-08-07T14:55:39.000Z","dependencies_parsed_at":"2024-08-07T17:54:16.622Z","dependency_job_id":null,"html_url":"https://github.com/approov/quickstart-nodejs-koa_shapes-api","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-nodejs-koa_shapes-api","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-nodejs-koa_shapes-api/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-nodejs-koa_shapes-api/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/approov%2Fquickstart-nodejs-koa_shapes-api/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/approov","download_url":"https://codeload.github.com/approov/quickstart-nodejs-koa_shapes-api/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240952991,"owners_count":19884020,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","api-security","approov","approov-backend","approov-backend-quicksart","approov-integration","approov-quickstart","nodejs","security"],"created_at":"2024-11-11T14:35:10.286Z","updated_at":"2026-05-20T07:03:25.159Z","avatar_url":"https://github.com/approov.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Approov 2 Shapes Server - Node-Koa\n\nApproov 2 shapes server using node.js with koa.\n\n## TOC\n\n* [Traefik Production Deployment](#traefik-production-deployment)\n* [Localhost Usage for Development](#localhost-usage-for-development)\n* [Postman Collection](#postman-collection)\n* [License](#license)\n\n## TRAEFIK PRODUCTION DEPLOYMENT\n\n### Configure the Environment\n\nCreate a `.env` file in the root of this project:\n\n```bash\n# Used to start the NodeJS Koa server and to tell Traefik what port to use to\n# reach the server in the docker network for Traefik, thus this port it's\n# internal and never exposed to the host machine or the internet.\nHTTP_PORT=8002\n\n# The domain that Traefik will be listening for https requests on port 443. All\n# http requests to port 80 will be automatically redirected to https port 443.\nPUBLIC_DOMAIN=shapes.approov.io\n\n# Get it with: approov secret -get base64\nAPPROOV_SECRET=approov-base64-encoded-secret-here\n\n# To try out this quickstart you can quickly generate an API key with:\n# $ strings /dev/urandom | grep -o '[[:alpha:]]' | head -n 128 | tr -d '\\n'; echo\nAPI_KEY=your_api_key_here\n```\n\n[TOC](#toc)\n\n### Start the Server\n\nStart it with docker compose:\n\n```\ndocker-compose up -d\n```\n\nTraefik will detect the container and create on the fly a new certificate for the domain we specified in `PUBLIC_DOMAIN`, and when the time arrives, will be in charge of renewing it with the same public key.\n\n[TOC](#toc)\n\n### Tail the Server Logs\n\n```\nsudo docker-compose logs --follow --tail 10\n```\n\n[TOC](#toc)\n\n### Destroy the Server\n\n```\ndocker-compose down\n```\n\n[TOC](#toc)\n\n\n## LOCALHOST USAGE FOR DEVELOPMENT\n\n```\n$ ./stack --help\n\nDOCKER STACK CLI WRAPPER\n\nThis bash script is a wrapper around docker commands to build and run the nodejs server.\n\nSignature:\n  ./stack [options] \u003ccommand\u003e\n\n\nUsage:\n  ./stack\n  ./stack [-h | --help] [-u | --user] \u003ccommand\u003e\n\n\nOptions:\n  -h | --help  Shows this help.\n  -p | --port  The host port to access the docker container.\n  -u | --user  Set the user to use in the docker container.\n\n\nCommands/Args:\n  build     Builds the docker image for this stack:\n              ./stack build\n\n  up        Starts the nodejs server:\n              ./stack up\n              ./stack --port 3000 up\n\n  shell     Starts a shell in the docker container:\n              ./stack shell\n              ./stack --user root shell\n              ./stack --port 3000 --user root shell\n\n\n```\n\n[TOC](#toc)\n\n\n## POSTMAN COLLECTION\n\nThe Shapes API can be tested in Localhost or in a Production staging server with [this Postman collection](https://raw.githubusercontent.com/approov/postman-collections/master/quickstarts/shapes-api/shapes-api.postman_collection.json).\n\nTo use it you will need to start the server with this `.env` file:\n\n```bash\nPUBLIC_DOMAIN=your.domain.com\nHTTP_PORT=8002\nENABLE_LOGGING=true\n\n# Feel free to play with different secrets. For development you can create them with:\n# $ openssl rand -base64 64 | tr -d '\\n'; echo\nAPPROOV_SECRET=h+CX0tOzdAAR9l15bWAqvq7w9olk66daIH+Xk+IAHhVVHszjDzeGobzNnqyRze3lw/WVyWrc2gZfh3XXfBOmww==\n\n# Dummy API Key for the v3 endpoint was generated with:\n# $ strings /dev/urandom | grep -o '[[:alpha:]]' | head -n 25 | tr -d '\\n'; echo\nAPI_KEY=yXClypapWNHIifHUWmBIyPFAm\n```\n\nPlease adjust `your.domain.com` to the domain being used by your server or just replace with `localhost` when running the Shapes API server from your own machine.\n\nYou can use this same Postman collection to test the Production server, but then you need to manually update the `Approov-Token` header for each valid request example in the collection with an example token from the Approov CLI:\n\n```\napproov token -genExample shapes.approov.io\n```\n\n[TOC](#toc)\n\n\n## LICENSE\n\n----\n\nCopyright 2021 CriticalBlue, Ltd.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n----\n\n[TOC](#toc)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapproov%2Fquickstart-nodejs-koa_shapes-api","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapproov%2Fquickstart-nodejs-koa_shapes-api","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapproov%2Fquickstart-nodejs-koa_shapes-api/lists"}