api: Update API to support Options requests for CORS.
This commit is contained in:
parent
c987d66504
commit
e3f214d0da
@ -1,6 +1,5 @@
|
||||
{
|
||||
"debug":false,
|
||||
"port":80,
|
||||
"pwdCost":11,
|
||||
"knownOrigins": [ "https://pm.jdb-labs.com" ]
|
||||
"knownOrigins": [ "https://pm.jdb-software.com", "https://pm-dev.jdb-software.com" ]
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
import asyncdispatch, base64, jester, json, jwt, logging, options, sequtils,
|
||||
times, uuids
|
||||
from httpcore import HttpMethod
|
||||
from unicode import capitalize
|
||||
import strutils except capitalize
|
||||
import timeutils
|
||||
@ -58,6 +59,29 @@ template jsonResp(code: HttpCode, body: string = "", headersToSend: RawHeaders =
|
||||
body
|
||||
)
|
||||
|
||||
template optionsResp(allowedMethods: seq[HttpMethod]) =
|
||||
|
||||
let reqOrigin =
|
||||
if request.headers.hasKey("Origin"): $(request.headers["Origin"])
|
||||
else: ""
|
||||
|
||||
let corsHeaders =
|
||||
if ctx.cfg.knownOrigins.contains(reqOrigin):
|
||||
@{
|
||||
"Access-Control-Allow-Origin": reqOrigin,
|
||||
"Access-Control-Allow-Credentials": "true",
|
||||
"Access-Control-Allow-Methods": allowedMethods.mapIt($it).join(", "),
|
||||
"Access-Control-Allow-Headers": "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization"
|
||||
}
|
||||
else: @{:}
|
||||
|
||||
halt(
|
||||
Http200,
|
||||
corsHeaders,
|
||||
""
|
||||
)
|
||||
|
||||
|
||||
template jsonResp(body: string) = jsonResp(Http200, body)
|
||||
|
||||
template statusResp(code: HttpCode, details: string = "", headersToSend: RawHeaders = @{:} ) =
|
||||
@ -212,9 +236,13 @@ proc start*(ctx: PMApiContext): void =
|
||||
|
||||
routes:
|
||||
|
||||
options "/version": optionsResp(@[HttpGet])
|
||||
|
||||
get "/version":
|
||||
jsonResp($(%("personal_measure_api v" & PM_API_VERSION)))
|
||||
|
||||
options "/auth-token": optionsResp(@[HttpPost])
|
||||
|
||||
post "/auth-token":
|
||||
|
||||
try:
|
||||
@ -226,6 +254,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
except JsonParsingError: statusResp(Http400, getCurrentExceptionMsg())
|
||||
except: statusResp(Http401, getCurrentExceptionMsg())
|
||||
|
||||
options "/change-pwd": optionsResp(@[HttpPost])
|
||||
|
||||
post "/change-pwd":
|
||||
checkAuth()
|
||||
|
||||
@ -247,6 +277,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
error "internal error changing password: " & getCurrentExceptionMsg()
|
||||
statusResp(Http500)
|
||||
|
||||
options "/change-pwd/@userId": optionsResp(@[HttpPost])
|
||||
|
||||
post "/change-pwd/@userId":
|
||||
checkAuth(true)
|
||||
|
||||
@ -268,6 +300,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
error "internal error changing password: " & getCurrentExceptionMsg()
|
||||
statusResp(Http500)
|
||||
|
||||
options "/user": optionsResp(@[HttpGet, HttpPut])
|
||||
|
||||
get "/user":
|
||||
checkAuth()
|
||||
|
||||
@ -292,6 +326,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
error "Could not update user information:\n\t" & getCurrentExceptionMsg()
|
||||
statusResp(Http500)
|
||||
|
||||
options "/users": optionsResp(@[HttpGet, HttpPost])
|
||||
|
||||
get "/users":
|
||||
checkAuth(true)
|
||||
|
||||
@ -320,6 +356,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
error "Could not create new user:\n\t" & getCurrentExceptionMsg()
|
||||
statusResp(Http500)
|
||||
|
||||
options "/users/@userId": optionsResp(@[HttpGet, HttpDelete])
|
||||
|
||||
get "/users/@userId":
|
||||
checkAuth(true)
|
||||
|
||||
@ -340,6 +378,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
|
||||
except: statusResp(Http500, getCurrentExceptionMsg())
|
||||
|
||||
options "/api-tokens": optionsResp(@[HttpGet, HttpPost])
|
||||
|
||||
get "/api-tokens":
|
||||
checkAuth()
|
||||
|
||||
@ -374,6 +414,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
debug getCurrentExceptionMsg()
|
||||
statusResp(Http500)
|
||||
|
||||
options "/api-tokens/@tokenId": optionsResp(@[HttpGet, HttpDelete])
|
||||
|
||||
get "/api-tokens/@tokenId":
|
||||
checkAuth()
|
||||
|
||||
@ -394,6 +436,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
|
||||
# Measure
|
||||
|
||||
options "/measures": optionsResp(@[HttpGet, HttpPost])
|
||||
|
||||
get "/measures":
|
||||
checkAuth()
|
||||
|
||||
@ -438,6 +482,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
error "unable to create new measure:\n\t" & getCurrentExceptionMsg()
|
||||
statusResp(Http500)
|
||||
|
||||
options "/measures/@slug": optionsResp(@[HttpGet, HttpPost, HttpDelete])
|
||||
|
||||
get "/measures/@slug":
|
||||
checkAuth()
|
||||
|
||||
@ -491,6 +537,9 @@ proc start*(ctx: PMApiContext): void =
|
||||
statusResp(Http500)
|
||||
|
||||
# Measurements
|
||||
|
||||
options "/measurements/@slug": optionsResp(@[HttpGet, HttpPost])
|
||||
|
||||
get "/measurements/@slug":
|
||||
checkAuth()
|
||||
|
||||
@ -528,6 +577,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
error "unable to add measurement:\n\t" & getCurrentExceptionMsg()
|
||||
statusResp(Http500)
|
||||
|
||||
options "/measurements/@slug/@id": optionsResp(@[HttpGet, HttpPut, HttpDelete])
|
||||
|
||||
get "/measurements/@slug/@id":
|
||||
checkAuth()
|
||||
|
||||
@ -580,6 +631,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
error "unable to delete measurement:\n\t" & getCurrentExceptionMsg()
|
||||
statusResp(Http500)
|
||||
|
||||
options "/log": optionsResp(@[HttpPost])
|
||||
|
||||
post "/log":
|
||||
checkAuth()
|
||||
|
||||
@ -597,6 +650,8 @@ proc start*(ctx: PMApiContext): void =
|
||||
except BadRequestError: statusResp(Http400, getCurrentExceptionMsg())
|
||||
except: statusResp(Http500, getCurrentExceptionMsg())
|
||||
|
||||
options "/log/batch": optionsResp(@[HttpPost])
|
||||
|
||||
post "/log/batch":
|
||||
checkAuth()
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user