hoppinger/preview_entity

Drupal module to provide preview functionality to the Headless CMS

Maintainers

Details

github.com/hoppinger/preview_entity

Homepage

Source

Issues

Installs: 0

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 4

Forks: 0

Open Issues: 0

Type:drupal-module

dev-master 2021-12-08 12:03 UTC

GPL-2.0+ b2cc1fd8cd9e4390f7ba241ef1397a843c884456

  • Rolf van de Krol
  • Ashwini Mone
  • Amit Ajgaonkar

This package is auto-updated.

Last update: 2024-05-08 18:25:42 UTC

README

This module is built to provide a preview functionality to a Headless drupal website. It provides an endpoint which can be used to fetch the data per revision of the node.

The user navigates to [FRONTEND URL]/preview/[ENTITY TYPE]/[ENTITY ID]/[REVISION ID]?token=[VALIDATION TOKEN].

Drupal presents this URL in the interface to the user. Drupal can construct the path part of this URL very easily. The validation token URL parameter is constructed by Drupal using the following process. For the process it uses the following parameters:

  • Timestamp: a unix timestamp number, in seconds since the epoch. The timestamp indicates the time until the link should be valid. So it is not the current time.
  • Entity *: Parameters that indicate which entity should be previewed.
  • Shared secret: A secret key that is shared between the Drupal and .Net applications. It should be kept a secret, because with it an attacker can generate preview URLs for unpublished content.

The frontend application receives the request to the specified URL, extracts the entity and revision parameters from the path and the token parameter and validates them

Configuration

Update the settings.php file to include these parameters

$settings["frontend_domain_url"] = "FRONTEND_DOMAIN_URL";
$settings["shared_secret"] = "SHARED_SECRET";
$settings["preview_valid_days"] = "5";