Beginning implementation of the planned API endpoints.

2019-02-19 02:50:07 -06:00
parent a16ef81077
commit e3450d5f8f
6 changed files with 130 additions and 31 deletions
--- a/api/src/main/nim/personal_measure_apipkg/api.nim
+++ b/api/src/main/nim/personal_measure_apipkg/api.nim
@ -1,9 +1,6 @@
-import asyncdispatch, jester, json, jwt, strutils, times, timeutils, uuids
-
-import ./db
-import ./configuration
-import ./models
-import ./service
+import asyncdispatch, jester, json, jwt, logging, options, sequtils, strutils,
+  times, timeutils, uuids
+import ./db, ./configuration, ./models, ./service, ./version

 const JSON = "application/json"

@ -101,7 +98,10 @@ proc makeAuthToken*(ctx: PMApiContext, email, pwd: string): string =

  # find the user record
  var user: User
-  try: user = ctx.db.getUserByEmail(email)
+  try:
+    let users = ctx.db.getUserByEmail(email)
+    if users.len != 1: raiseEx ""
+    user = users[0]
  except: raiseEx "invalid username or password"

  if not validatePwd(user, pwd): raiseEx "invalid username or password"
@ -117,17 +117,19 @@ template checkAuth() =

  var session {.inject.}: Session

-  try: session = extractSession(cfg, request)
+  try: session = extractSession(ctx, request)
  except:
    debug "Auth failed: " & getCurrentExceptionMsg()
    jsonResp(Http401, "Unauthorized", @{"WWW-Authenticate": "Bearer"})

-proc start*(cfg: PMApiConfig): void =
+proc start*(ctx: PMApiContext): void =
+
+  if ctx.cfg.debug: setLogFilter(lvlDebug)

  var stopFuture = newFuture[void]()

  settings:
-    port = Port(cfg.port)
+    port = Port(ctx.cfg.port)
    appName = "/api"

  routes:
@ -135,12 +137,57 @@ proc start*(cfg: PMApiConfig): void =
    get "/version":
      resp($(%("personal_measure_api v" & PM_API_VERSION)), JSON)

+    post "/auth-token":
+      var email, pwd: string
+      try:
+        let jsonBody = parseJson(request.body)
+        email = jsonBody["email"].getStr
+        pwd = jsonBody["password"].getStr
+      except: jsonResp(Http400)
+
+      try:
+        let authToken = makeAuthToken(ctx, email, pwd)
+        resp($(%authToken), JSON)
+      except: jsonResp(Http401, getCurrentExceptionMsg())
+
+    get "/user":
+      checkAuth()
+
+      resp(Http200, $(%session.user), JSON)
+
    post "/service/debug/stop":
-      if not cfg.debug: jsonResp(Http404)
+      if not ctx.cfg.debug: jsonResp(Http404)
      else:
        let shutdownFut = sleepAsync(100)
        shutdownFut.callback = proc(): void = complete(stopFuture)
        resp($(%"shutting down"), JSON)

+    get "/api-tokens":
+      checkAuth()
+
+      resp(Http200, $(%ctx.db.getApiTokenByUserId($session.user.id)))
+
+    post "/api-tokens":
+      checkAuth()
+
+      var newToken: ApiToken
+      try:
+        let jsonBody = parseJson(request.body)
+        newToken = ApiToken(
+          id: genUUID(),
+          userId: session.user.id,
+          name: jsonBody["name"].getStr,
+          expires: none[DateTime](),
+          hashedToken:  "")
+      except: jsonResp(Http400)
+
+      try:
+        let tokenValue = "" # TODO
+        newToken.hashedToken = hashPwd(tokenValue)
+        ctx.db.createApiToken(token)
+        let respToken = %newToken
+        newToken["value"] = tokenValue
+        resp($newToken, JSON)
+
  waitFor(stopFuture)

--- a/api/src/main/nim/personal_measure_apipkg/models.nim
+++ b/api/src/main/nim/personal_measure_apipkg/models.nim
@ -1,4 +1,4 @@
-import options, times, timeutils, uuids
+import json, options, times, timeutils, uuids

 type
  User* = object
@ -46,3 +46,44 @@ proc `$`*(m: Measure): string =

 proc `$`*(v: Value): string =
  return "Value " & ($v.id)[0..6] & " - " & ($v.measureId)[0..6] & " = " & $v.value
+
+proc `%`*(u: User): JsonNode =
+  result = %*{
+    "id": $u.id,
+    "email": u.email,
+    "displayName": u.displayName
+  }
+
+proc `%`*(tok: ApiToken): JsonNode =
+  result = %*{
+    "id": $tok.id,
+    "userId": $tok.userId,
+    "name": tok.name
+  }
+
+  if tok.expires.isSome:
+    result["expires"] = %(tok.expires.get.formatIso8601)
+
+proc `%`*(m: Measure): JsonNode =
+  result = %*{
+    "id": $m.id,
+    "userId": $m.userId,
+    "slug": m.slug,
+    "name": m.name,
+    "description": m.description,
+    "domainUnits": m.domainUnits,
+    "rangeUnits": m.rangeUnits,
+    "analysis": m.analysis
+  }
+
+  if m.domainSource.isSome: result["domainSource"] = %(m.domainSource.get)
+  if m.rangeSource.isSome: result["rangeSource"] = %(m.rangeSource.get)
+
+proc `%`*(v: Value): JsonNode =
+  result = %*{
+    "id": $v.id,
+    "measureId": $v.measureId,
+    "value": v.value,
+    "timestampe": v.timestamp.formatIso8601,
+    "extData": v.extData
+  }