Changed how paths are handled by server.js, to more closely match the Angular

dev environment. New paths: /api/login: redirects to SSO /api: all calls (other than above) are sent to cloudapi /: static content served from static/ All API calls to cloudapi now pass through server.js's HTTP /api, not /. The static/static path is now gone, since it was causing too much trouble. static/ is now a symlink directly to app/dist, which is where a fresh Angular build appears when app/ is built.
2021-04-10 21:14:09 +02:00 · 2021-04-10 21:14:09 +02:00 · 8672439358
commit 8672439358
parent 18d35b5172
5 changed files with 39 additions and 41 deletions
--- a/README.md
+++ b/README.md
@ -25,46 +25,39 @@ The SSH key used must be the correct format, e.g. generated with:
 # Endpoints
-## GET /static/*
+## GET /*
 This is where all the front-end code goes. All files will be served as-is as
-found in that directory. The default is static/index.html. There is no
+found in that directory (by default a symlink to app/dist). The default is
-authentication; all files are public.
+static/index.html. There is no authentication; all files are public.
-## GET /login
+## GET /api/login
 Call this endpoint to begin the login cycle. It will redirect you to the SSO
 login page: an HTTP 302, with a Location header.
-## GET /token
+## GET/POST/PUT/DELETE/HEAD /api/*
-Upon successful login, the SSO login page will redirect to this endpoint. This
+All calls will be passed through to cloudapi. For these calls to succeed,
-endpoint will return a 204, along with a X-Auth-Token header that must be saved
+they MUST provide an X-Auth-Token header, containing the token returned from
-by the front-end code. All subsequent calls should provide this X-Auth-Token
+SSO.
 header.
 ## Other
 All other calls will be passed through to cloudapi. For these calls to succeed,
 they MUST provide the X-Auth-Token header that the /token endpoint returns.
 # Interaction cycle
-client --- GET /login --------> this server
+client --- GET /api/login --------> this server
       <-- 302 Location #1 ----
 client --- GET <Location #1> --> SSO server
       <separate SSO cycle>
-       <-- 302 Location #2 ----
+       <-- 302 with token query arg
 client --- GET <Location #2> --> this server
       <-- 204 X-Auth-Token ----
 From now on call this server as if it were a cloudapi server (using [cloudapi
 paths](https://github.com/joyent/sdc-cloudapi/blob/master/docs/index.md#api-introduction)),
-always providing the X-Auth-Token. For example, to retrieve a list of packages:
+except prefixing any path with "/api". Also always provide the X-Auth-Token.
-client --- GET /my/packages --> this server
+For example, to retrieve a list of packages:
 client --- GET /api/my/packages --> this server
       <-- 200 JSON body ------
 The most useful cloudapi endpoints to begin with will be ListPackages,
--- a/bin/server.js
+++ b/bin/server.js
@ -15,6 +15,10 @@ let CLOUDAPI = {};
 let CLOUDAPI_HOST = '';
 let SIGNER = {};
 const LOGIN_PATH = '/api/login';
 const API_PATH = '/api'; // all calls here go to cloudapi
 const API_RE = new RegExp('^' + API_PATH + '/');
 const STATIC_RE = new RegExp('^/');
 // Take any HTTP request that has a token, sign that request  with an
 // HTTP-Signature header, and pass it along to cloudapi. Return any response
@ -40,16 +44,19 @@ function proxy(req, res, cb) {
    // check the X-Auth-Token is present
    if (req.header('X-Auth-Token') == undefined) {
-        res.send({"Error": "X-Auth-Token header missing"});
+        res.send({'Error': 'X-Auth-Token header missing'});
        res.send(401);
        return cb();
    }
    // strip off /api from path before forwarding to cloudapi
    let url = req.url.substr(API_PATH.length);
    // sign the request before forwarding to cloudapi
    let headers = req.headers;
    var rs = mod_sdcauth.requestSigner({ sign: SIGNER });
    headers.date = rs.writeDateHeader();
-    rs.writeTarget(req.method, req.url);
+    rs.writeTarget(req.method, url);
    rs.sign(function signedCb(err, authz) {
        if (err) {
@ -60,10 +67,12 @@ function proxy(req, res, cb) {
        headers.authorization = authz;
        const opts = {
-            path: req.url,
+            path: url,
            headers: headers
        };
 console.dir(opts);
        // make the call to cloudapi
        switch (req.method) {
            case 'GET':    CLOUDAPI.get(opts,  proxyReturn); break;
@ -153,20 +162,21 @@ function main() {
    server.use(mod_restify.authorizationParser());
    server.use(mod_restify.bodyReader());
-    // where to server static content from
+    // login path is /api/login
-    server.get(/^\/static.*/, mod_restify.plugins.serveStatic({
+    server.get(LOGIN_PATH,  login);
    // all cloudapi calls are proxied through /api
    server.get(API_RE,  proxy);
    server.put(API_RE,  proxy);
    server.del(API_RE,  proxy);
    server.post(API_RE, proxy);
    server.head(API_RE, proxy);
    // where to serve static content from
    server.get(STATIC_RE, mod_restify.plugins.serveStatic({
        directory: 'static',
        default: 'index.html'
    }));
    // route HTTP requests to proper functions
    server.get('/login',  login);
    server.get(/^/,  proxy);
    server.put(/^/,  proxy);
    server.del(/^/,  proxy);
    server.post(/^/, proxy);
    server.head(/^/, proxy);
    // enable HTTP server
    server.listen(CONFIG.server.port, function listening() {
--- a/1
+++ b/1
@ -0,0 +1 @@
 app/dist
--- a/static/index.html
+++ b/static/index.html
@ -1,5 +0,0 @@
 <html>
  <body>
    Hi!
  </body>
 </html>
--- a/static/static
+++ b/static/static
@ -1 +0,0 @@
 .