Created
November 30, 2016 13:07
-
-
Save andrewn/76e84b070fd20c405029fc2cf0eec0c9 to your computer and use it in GitHub Desktop.
Access github API in browser using personal access token
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!doctype html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <title>Taxfix Question Editor</title> | |
| <link href="https://fonts.googleapis.com/css?family=Roboto" rel="stylesheet"> | |
| </head> | |
| <body> | |
| <div id='root'> | |
| </div> | |
| <script> | |
| const user = 'andrewn'; | |
| // Generate token here: https://github.com/settings/tokens | |
| const token = '<token goes here>'; | |
| const endpoint = 'https://api.github.com'; | |
| const creds = `${user}:${token}`; | |
| const auth = btoa(creds); | |
| const options = { | |
| mode: 'cors', | |
| headers: { | |
| 'Authorization': 'Basic ' + auth, | |
| } | |
| } | |
| const api = (resource) => { | |
| return fetch(`${endpoint}${resource}`, options) | |
| .then( | |
| response => response.json(), | |
| err => console.error('Error fetching', err) | |
| ) | |
| .then( | |
| json => console.log('JSON', json), | |
| err => console.error('Error parsing', err) | |
| ); | |
| } | |
| // Get info for this user | |
| api('/user'); | |
| // Get pull requests from this repo | |
| api('/repos/taxfix/taxfix-question-editor/pulls'); | |
| </script> | |
| </body> | |
| </html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Unnecessary scaremongering. No where the gist mentions to host the html on a public facing site. Runing something in the browser does not mean it is exposed publicly.
Its perfectly safe to use a personal access token in the browser for personal use.