Skip to content

keyqcloud/kyte-api-js

Repository files navigation

Kyte JS Framework

Deploy to CDN CodeQL License: MIT Latest release

Browser-side JavaScript SDK for the Kyte low-code platform. Provides authenticated CRUD against a Kyte API endpoint, plus utility widgets (KyteTable, KyteForm, KyteNav, KyteSidenav) used by Kyte Shipyard and customer-built apps.

Install

CDN (recommended for production):

<script src="https://cdn.keyqcloud.com/kyte/js/stable/kyte.js" crossorigin="anonymous"></script>

Pin to a specific version:

<script src="https://cdn.keyqcloud.com/kyte/js/archive/kyte-2.0.0.js" crossorigin="anonymous"></script>

Quick start

KyteJS supports two authentication modes. Pick one at construction time.

HMAC (default, backward compatible with v1.x)

const k = new Kyte(endpoint, publicKey, identifier, accountNumber, applicationId);
k.init();
k.sessionCreate({ email, password }, onSuccess, onError);

Every CRUD request goes through sign() and carries x-kyte-signature / x-kyte-identity headers. This is what every Kyte app shipped before v2.

JWT (new in v2.0)

const k = new Kyte(endpoint, null, null, null, applicationId, { authMode: 'jwt' });
k.init();
k.sessionCreate({ email, password }, onSuccess, onError);

sessionCreate posts to /jwt/login, stores an access JWT plus a rotating refresh token, and all subsequent get/post/put/delete calls carry Authorization: Bearer <jwt>. The access token auto-refreshes via /jwt/refresh ~30 seconds before expiry; concurrent requests share a single in-flight refresh.

Requires kyte-php ≥ v4.4 on the server side with KYTE_JWT_SECRET configured.

CRUD

Same surface in both auth modes:

k.get('Model', 'id', 42, [], onSuccess, onError);
k.post('Model', { name: 'Example' }, null, [], onSuccess, onError);
k.put('Model', 'id', 42, { name: 'Updated' }, null, [], onSuccess, onError);
k.delete('Model', 'id', 42, [], onSuccess, onError);

Building from source

The single source file is kyte-source.js. Tagging a release is all that's needed locally:

./release.sh 2.0.2

The script verifies the version in CHANGELOG.md matches the argument, ensures the working tree is clean and on master in sync with origin, then tags v<version> and pushes.

The tag push triggers .github/workflows/deploy.yml, which installs terser, minifies kyte-source.js into kyte.js (+ source map) and kyte.min.js, prepends the copyright notice, uploads to S3, invalidates the CloudFront distribution, and creates the GitHub Release with notes extracted from CHANGELOG.md. The build artifacts live only in S3/CloudFront — they are not committed back to the repo.

No obfuscation — KyteJS is MIT-licensed open source and source-readable on GitHub; obfuscation would only inflate bundles and break customer stack traces without any security benefit. Per-app API keys are obfuscated separately by Shipyard when it embeds them in customer pages — that's a different concern.

Compatibility

  • Modern evergreen browsers (Chrome, Firefox, Safari, Edge)
  • jQuery 3.5+ (peer dependency — kyte-source.js assumes $ is loaded first)
  • Bootstrap 5 + DataTables 1.10 (only for the KyteTable / KyteForm widgets)

Contributing

Commits must follow Conventional Commits so that releases can be automated. See CONTRIBUTING.md for the convention and the release flow.

Quick reference:

  • feat: <description> → minor bump
  • fix: <description> → patch bump
  • feat!: <description> or BREAKING CHANGE: footer → major bump
  • docs:, test:, ci:, chore:, refactor: → no version bump

License

MIT © KeyQ, Inc.

About

No description, website, or topics provided.

Resources

Contributing

Stars

0 stars

Watchers

2 watching

Forks

Packages

 
 
 

Contributors