Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// # API routes
|
2014-04-12 07:46:15 +04:00
|
|
|
var express = require('express'),
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
api = require('../api'),
|
2014-07-10 03:48:00 +04:00
|
|
|
apiRoutes;
|
2013-11-12 09:27:12 +04:00
|
|
|
|
2015-06-14 22:07:52 +03:00
|
|
|
apiRoutes = function apiRoutes(middleware) {
|
2015-10-22 16:28:47 +03:00
|
|
|
var router = express.Router(),
|
|
|
|
// Authentication for public endpoints
|
|
|
|
authenticatePublic = [
|
|
|
|
middleware.api.authenticateClient,
|
2015-10-23 12:03:38 +03:00
|
|
|
middleware.api.authenticateUser,
|
|
|
|
middleware.api.requiresAuthorizedUserPublicAPI
|
2015-10-22 16:28:47 +03:00
|
|
|
],
|
|
|
|
// Require user for private endpoints
|
|
|
|
authenticatePrivate = [
|
|
|
|
middleware.api.authenticateClient,
|
|
|
|
middleware.api.authenticateUser,
|
|
|
|
middleware.api.requiresAuthorizedUser
|
|
|
|
];
|
|
|
|
|
2014-07-09 02:28:31 +04:00
|
|
|
// alias delete with del
|
|
|
|
router.del = router.delete;
|
2014-04-12 07:46:15 +04:00
|
|
|
|
2014-08-21 01:42:34 +04:00
|
|
|
// ## Configuration
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/configuration', authenticatePrivate, api.http(api.configuration.browse));
|
|
|
|
router.get('/configuration/:key', authenticatePrivate, api.http(api.configuration.read));
|
2014-08-21 01:42:34 +04:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// ## Posts
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/posts', authenticatePublic, api.http(api.posts.browse));
|
|
|
|
|
|
|
|
router.post('/posts', authenticatePrivate, api.http(api.posts.add));
|
|
|
|
router.get('/posts/:id', authenticatePublic, api.http(api.posts.read));
|
|
|
|
router.get('/posts/slug/:slug', authenticatePublic, api.http(api.posts.read));
|
|
|
|
router.put('/posts/:id', authenticatePrivate, api.http(api.posts.edit));
|
|
|
|
router.del('/posts/:id', authenticatePrivate, api.http(api.posts.destroy));
|
2014-07-09 02:28:31 +04:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// ## Settings
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/settings', authenticatePrivate, api.http(api.settings.browse));
|
|
|
|
router.get('/settings/:key', authenticatePrivate, api.http(api.settings.read));
|
|
|
|
router.put('/settings', authenticatePrivate, api.http(api.settings.edit));
|
2014-07-09 02:28:31 +04:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// ## Users
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/users', authenticatePublic, api.http(api.users.browse));
|
|
|
|
|
|
|
|
router.get('/users/:id', authenticatePublic, api.http(api.users.read));
|
|
|
|
router.get('/users/slug/:slug', authenticatePublic, api.http(api.users.read));
|
|
|
|
router.get('/users/email/:email', authenticatePublic, api.http(api.users.read));
|
|
|
|
router.put('/users/password', authenticatePrivate, api.http(api.users.changePassword));
|
|
|
|
router.put('/users/owner', authenticatePrivate, api.http(api.users.transferOwnership));
|
|
|
|
router.put('/users/:id', authenticatePrivate, api.http(api.users.edit));
|
|
|
|
router.post('/users', authenticatePrivate, api.http(api.users.add));
|
|
|
|
router.del('/users/:id', authenticatePrivate, api.http(api.users.destroy));
|
2014-06-20 13:15:01 +04:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// ## Tags
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/tags', authenticatePublic, api.http(api.tags.browse));
|
|
|
|
router.get('/tags/:id', authenticatePublic, api.http(api.tags.read));
|
|
|
|
router.get('/tags/slug/:slug', authenticatePublic, api.http(api.tags.read));
|
|
|
|
router.post('/tags', authenticatePrivate, api.http(api.tags.add));
|
|
|
|
router.put('/tags/:id', authenticatePrivate, api.http(api.tags.edit));
|
|
|
|
router.del('/tags/:id', authenticatePrivate, api.http(api.tags.destroy));
|
2014-07-09 02:28:31 +04:00
|
|
|
|
2014-07-15 19:22:06 +04:00
|
|
|
// ## Roles
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/roles/', authenticatePrivate, api.http(api.roles.browse));
|
2014-07-15 19:22:06 +04:00
|
|
|
|
2015-08-31 16:59:56 +03:00
|
|
|
// ## Clients
|
|
|
|
router.get('/clients/slug/:slug', api.http(api.clients.read));
|
|
|
|
|
2014-07-09 02:28:31 +04:00
|
|
|
// ## Slugs
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/slugs/:type/:name', authenticatePrivate, api.http(api.slugs.generate));
|
2014-07-09 02:28:31 +04:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// ## Themes
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/themes', authenticatePrivate, api.http(api.themes.browse));
|
|
|
|
router.put('/themes/:name', authenticatePrivate, api.http(api.themes.edit));
|
2014-07-09 02:28:31 +04:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// ## Notifications
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/notifications', authenticatePrivate, api.http(api.notifications.browse));
|
|
|
|
router.post('/notifications', authenticatePrivate, api.http(api.notifications.add));
|
|
|
|
router.del('/notifications/:id', authenticatePrivate, api.http(api.notifications.destroy));
|
2014-07-09 02:28:31 +04:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// ## DB
|
2015-10-22 16:28:47 +03:00
|
|
|
router.get('/db', authenticatePrivate, api.http(api.db.exportContent));
|
|
|
|
router.post('/db', authenticatePrivate, middleware.busboy, api.http(api.db.importContent));
|
|
|
|
router.del('/db', authenticatePrivate, api.http(api.db.deleteAllContent));
|
2014-07-09 02:28:31 +04:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
// ## Mail
|
2015-10-22 16:28:47 +03:00
|
|
|
router.post('/mail', authenticatePrivate, api.http(api.mail.send));
|
|
|
|
router.post('/mail/test', authenticatePrivate, api.http(api.mail.sendTest));
|
2014-07-03 19:06:07 +04:00
|
|
|
|
2014-07-09 02:28:31 +04:00
|
|
|
// ## Authentication
|
2014-08-01 02:58:32 +04:00
|
|
|
router.post('/authentication/passwordreset',
|
2015-05-26 22:04:27 +03:00
|
|
|
middleware.spamPrevention.forgotten,
|
2014-08-01 02:58:32 +04:00
|
|
|
api.http(api.authentication.generateResetToken)
|
|
|
|
);
|
2014-07-09 02:28:31 +04:00
|
|
|
router.put('/authentication/passwordreset', api.http(api.authentication.resetPassword));
|
|
|
|
router.post('/authentication/invitation', api.http(api.authentication.acceptInvitation));
|
2014-08-25 06:34:26 +04:00
|
|
|
router.get('/authentication/invitation', api.http(api.authentication.isInvitation));
|
2014-07-11 16:17:09 +04:00
|
|
|
router.post('/authentication/setup', api.http(api.authentication.setup));
|
2015-05-27 07:14:43 +03:00
|
|
|
router.put('/authentication/setup', api.http(api.authentication.updateSetup));
|
2014-07-11 16:17:09 +04:00
|
|
|
router.get('/authentication/setup', api.http(api.authentication.isSetup));
|
2014-07-09 02:28:31 +04:00
|
|
|
router.post('/authentication/token',
|
2015-05-26 22:04:27 +03:00
|
|
|
middleware.spamPrevention.signin,
|
2015-06-14 22:07:52 +03:00
|
|
|
middleware.api.authenticateClient,
|
|
|
|
middleware.api.generateAccessToken
|
2014-06-30 16:58:10 +04:00
|
|
|
);
|
2015-10-22 16:28:47 +03:00
|
|
|
router.post('/authentication/revoke', authenticatePrivate, api.http(api.authentication.revoke));
|
2014-06-30 16:58:10 +04:00
|
|
|
|
2014-07-15 14:40:14 +04:00
|
|
|
// ## Uploads
|
2015-10-22 16:28:47 +03:00
|
|
|
router.post('/uploads', authenticatePrivate, middleware.busboy, api.http(api.uploads.add));
|
2014-04-12 07:46:15 +04:00
|
|
|
|
2015-06-14 22:07:52 +03:00
|
|
|
// API Router middleware
|
|
|
|
router.use(middleware.api.errorHandler);
|
|
|
|
|
2014-04-12 07:46:15 +04:00
|
|
|
return router;
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 16:41:19 +04:00
|
|
|
};
|
|
|
|
|
2014-05-06 02:38:05 +04:00
|
|
|
module.exports = apiRoutes;
|