Noded/backend
3
0
Fork 0
Code Issues 19 Pull Requests Releases Wiki Activity

DB API Reads

Browse Source
This commit is contained in:
garrettmills
2020-03-01 15:37:52 -06:00
parent fc5fc14b3f
commit dfcaf046c6
17 changed files with 585 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
app/routing/middleware/api/DatabaseRoute.middleware.js Normal file
View File

@@ -0,0 +1,30 @@
const Middleware = require('libflitter/middleware/Middleware')
/*
* DatabaseRoute Middleware
* -------------------------------------------------------------
* Put some description here!
*/
class DatabaseRoute extends Middleware {
static get services() {
return [...super.services, 'models']
}
async test(req, res, next, args = {}){
const Database = this.models.get('api:db:Database')
const id = req.params.database_id ? req.params.database_id : (req.query.database_id ? req.query.database_id : false)
if ( !id ) return res.status(400).message('Missing required: database_id').api()
const db = await Database.findOne({UUID: id})
if ( !db ) return res.status(404).message('Unable to find database with that ID.').api()
if ( !(await db.is_accessible_by(req.user)) ) return req.security.deny()
if ( !req.form ) req.form = {}
req.form.database = db
next()
}
}
module.exports = exports = DatabaseRoute

52
app/routing/middleware/api/auth/BearerToken.middleware.js Normal file
View File

@@ -0,0 +1,52 @@
const Middleware = require('libflitter/middleware/Middleware')
/*
* BearerToken Middleware
* -------------------------------------------------------------
* Put some description here!
*/
class BearerToken extends Middleware {
static get services() {
return [...super.services, 'models']
}
/*
* Run the middleware test.
* This method is required by all Flitter middleware.
* It should either call the next function in the stack,
* or it should handle the response accordingly.
*/
async test(req, res, next, args = []){
const Token = this.models.get('api:Token')
const token_string = req.headers.authorization
if ( !token_string ) return this.fail(res, )
else if ( !token_string.startsWith('bearer ') ) return this.fail(res, 'Invalid authorization token. Prefix with "bearer".')
try {
const token = await Token.verify(token_string.replace('bearer ', ''))
const user = await token.user()
if ( !user || !token ) return this.fail(res)
if ( Array.isArray(args) ) {
for (const grant of args) {
if (!token.can(grant)) {
return this.fail(res)
}
}
}
req.user = user
req.token = token
next()
} catch (e) {
return this.fail(res, String(e))
}
}
fail(res, msg = 'Unauthorized') {
return res.status(401).message(msg).api({})
}
}
module.exports = exports = BearerToken

4
app/routing/routers/api/v1.routes.js
View File

@@ -12,6 +12,10 @@ const index = {
],
get: {
'/token': [
'controller::api:v1:Misc.get_token',
],
// Get the file ref node config for the specified file ref
'/files/:PageId/:NodeId/get/:FilesId': ['controller::api:v1:File.get_config'],

43
app/routing/routers/api/v1/database.routes.js Normal file
View File

@@ -0,0 +1,43 @@
module.exports = exports = {
prefix: '/db_api/v1',
middleware: [
// JWT authorization middleware. Sets req.user and req.token.
// Second param is array of required grants.
['api:auth:BearerToken', ['database']],
],
get: {
'/': [ 'controller::api:v1:DatabaseAPI.databases' ],
'/:database_id': [
'middleware::api:DatabaseRoute',
'controller::api:v1:DatabaseAPI.get_database',
],
'/:database_id/columns': [
'middleware::api:DatabaseRoute',
'controller::api:v1:DatabaseAPI.get_columns',
],
'/:database_id/columns/order': [
'middleware::api:DatabaseRoute',
'controller::api:v1:DatabaseAPI.get_columns_order',
],
'/:database_id/data': [
'middleware::api:DatabaseRoute',
'controller::api:v1:DatabaseAPI.get_data',
],
'/:database_id/record/:record_id': [
'middleware::api:DatabaseRoute',
'controller::api:v1:DatabaseAPI.get_record',
],
},
post: {
},
}