This is a working API template to implement an "Origin Data Stream API Endpoint" that is protected with MultiversX Native Auth. This "Origin Data Stream API Endpoint" can host private, personalized data about the caller or Data NFT itself. e.g., NFT or caller address trade data or historical data. The "Origin Data Stream API Endpoint" can then be used as the "Data Stream URL" on a Data NFT during minting, and only the verified holder of the Data NFT can then access this data.
The Data NFT is already protecting the origin of your Data Stream URL thanks to the abstraction encryption provided by the Data Marshal. What this means is that no one should be able to see the plaintext URL of your Data Stream origin. However, in some instances, you may still want an "extra layer" or protection for your Origin Data Stream URL in the event the URL is discovered or shared by someone with "internal" knowledge of it (e.g., dev team). This is where Native Auth protection helps, as it puts the origin Data Stream URL in "protected public mode." To turn on/off Native Auth, you can disable/enable this line on your API endpoints @UseGuards(NativeAuthGuard)
- Run
npm installin the project directory - Optionally make edits to
config.yamlor createconfig.custom.yaml - Update the
datastreamendpoint code with your own business logic
- Set the environment variables in
.envfile. (you can skip this step, the API will run without these, but they are kept as boilerplate for future use)
PORT=3000
DB_HOST=localhost
DB_PORT=3306
DB_USERNAME=root
DB_PASSWORD=root
DB_DATABASE=example
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
REDIS_PASSWORD=
REDIS_USERNAME=- Run the API
npm run start:devnet:watchYou should then see the swagger portal on http://localhost:3000/, where you can test your API.
Important
In order to test the NativeAuth guarded endpoints, you need to "whitelist" in the acceptedOrigins section of the config.devnet.yaml file, the origin from which you are generating the requests.
This open-source SOFTWARE PRODUCT is provided by THE PROVIDER "as is" and "with all faults." THE PROVIDER makes no representations or warranties of any kind concerning the safety, suitability, lack of viruses, inaccuracies, typographical errors, or other harmful components of this SOFTWARE PRODUCT. There are inherent dangers in the use of any software, and you are solely responsible for determining whether this SOFTWARE PRODUCT is compatible for your needs. You are also solely responsible for the protection of your equipment, your private credentials (e.g AWS account Key and Secret, GitHub access credentials etc.) and backup of your data, and THE PROVIDER will not be liable for any damages you may suffer in connection with using, modifying, or distributing this SOFTWARE PRODUCT.