Secure a Web Search Client with Middleware

Middleware secures the information flow between your search client and SearchUnify's servers by encrypting the access token that is passed along with each search query.

Data Flows and Middleware

Data Flow Without Middleware

Setting up middleware will enhance data security. For maximum security, it is recommended to put the middleware in the environment you control.

Data Flow With Middleware

Prerequisites

• Colubridae 19 or newer SearchUnify instance
• Middleware (It's a code base that you can get from your SearchUnify representative.)
• Search client of type Website
• Server with Node.js installed

Download Search Client and Copy index.html Header

  1. Go to Search Clients and click  to download a search client.

  2. Unzip the search client, open index.html, and copy the header.

Set Up Middleware

  1. Unzip middleware.
  2. Navigate to ~/middleware.
    $ cd ~/middleware
  3. Create a file named .env.
  4. Insert your client ID, client secret, base URL, and secret key into .env and save the file.

  5. Go to ~/views and open index.ejs.
  6. Replace the header in index.ejs with the code copied from index.html.

  7. Assign value the address of the server and the port where the search client will run.
    <input id="wpBaseUrl" type="hidden" value="https://{{hostname}}:5000">

  8. Save the file.
  9. Activate node in middleware.
    $ cd ~/middleware
    [~middleware]$ npm start

The data flows will be secure as long as npm is running. In a production environment, npm can be replaced with pm2.

Last updatedFriday, November 27, 2020