2014-04-07 06:02:12 -04:00
|
|
|
AdminController = require('./Features/ServerAdmin/AdminController')
|
2014-06-20 12:17:24 -04:00
|
|
|
ErrorController = require('./Features/Errors/ErrorController')
|
2014-04-08 09:34:03 -04:00
|
|
|
ProjectController = require("./Features/Project/ProjectController")
|
2014-02-12 05:23:40 -05:00
|
|
|
ProjectApiController = require("./Features/Project/ProjectApiController")
|
|
|
|
SpellingController = require('./Features/Spelling/SpellingController')
|
|
|
|
EditorController = require("./Features/Editor/EditorController")
|
2014-11-06 06:53:59 -05:00
|
|
|
EditorRouter = require("./Features/Editor/EditorRouter")
|
2014-02-12 05:23:40 -05:00
|
|
|
Settings = require('settings-sharelatex')
|
|
|
|
TpdsController = require('./Features/ThirdPartyDataStore/TpdsController')
|
|
|
|
SubscriptionRouter = require './Features/Subscription/SubscriptionRouter'
|
|
|
|
UploadsRouter = require './Features/Uploads/UploadsRouter'
|
2017-04-03 11:18:30 -04:00
|
|
|
metrics = require('metrics-sharelatex')
|
2014-02-12 05:23:40 -05:00
|
|
|
ReferalController = require('./Features/Referal/ReferalController')
|
|
|
|
AuthenticationController = require('./Features/Authentication/AuthenticationController')
|
|
|
|
TagsController = require("./Features/Tags/TagsController")
|
2016-01-21 15:42:50 -05:00
|
|
|
NotificationsController = require("./Features/Notifications/NotificationsController")
|
2014-11-06 07:20:45 -05:00
|
|
|
CollaboratorsRouter = require('./Features/Collaborators/CollaboratorsRouter')
|
2014-04-09 09:45:46 -04:00
|
|
|
UserInfoController = require('./Features/User/UserInfoController')
|
2014-04-10 12:29:46 -04:00
|
|
|
UserController = require("./Features/User/UserController")
|
2018-06-08 13:05:19 -04:00
|
|
|
UserEmailsController = require("./Features/User/UserEmailsController")
|
2014-04-09 07:17:50 -04:00
|
|
|
UserPagesController = require('./Features/User/UserPagesController')
|
2014-02-12 05:23:40 -05:00
|
|
|
DocumentController = require('./Features/Documents/DocumentController')
|
|
|
|
CompileManager = require("./Features/Compile/CompileManager")
|
|
|
|
CompileController = require("./Features/Compile/CompileController")
|
2018-08-15 10:26:22 -04:00
|
|
|
ClsiCookieManager = require("./Features/Compile/ClsiCookieManager")(Settings.apis.clsi?.backendGroupName)
|
2014-02-12 05:23:40 -05:00
|
|
|
HealthCheckController = require("./Features/HealthCheck/HealthCheckController")
|
|
|
|
ProjectDownloadsController = require "./Features/Downloads/ProjectDownloadsController"
|
2014-02-20 17:33:12 -05:00
|
|
|
FileStoreController = require("./Features/FileStore/FileStoreController")
|
2016-12-09 10:43:08 -05:00
|
|
|
HistoryController = require("./Features/History/HistoryController")
|
2018-03-23 12:30:48 -04:00
|
|
|
ExportsController = require("./Features/Exports/ExportsController")
|
2014-05-15 11:20:23 -04:00
|
|
|
PasswordResetRouter = require("./Features/PasswordReset/PasswordResetRouter")
|
2014-06-20 12:17:24 -04:00
|
|
|
StaticPagesRouter = require("./Features/StaticPages/StaticPagesRouter")
|
2014-07-08 05:08:38 -04:00
|
|
|
ChatController = require("./Features/Chat/ChatController")
|
2014-07-09 14:49:39 -04:00
|
|
|
BlogController = require("./Features/Blog/BlogController")
|
2014-09-08 09:19:24 -04:00
|
|
|
Modules = require "./infrastructure/Modules"
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware = require('./Features/Security/RateLimiterMiddleware')
|
|
|
|
CooldownMiddleware = require('./Features/Cooldown/CooldownMiddleware')
|
2015-03-09 10:09:09 -04:00
|
|
|
RealTimeProxyRouter = require('./Features/RealTimeProxy/RealTimeProxyRouter')
|
2015-08-13 17:50:39 -04:00
|
|
|
InactiveProjectController = require("./Features/InactiveData/InactiveProjectController")
|
2015-10-07 12:32:35 -04:00
|
|
|
ContactRouter = require("./Features/Contacts/ContactRouter")
|
2016-02-08 12:04:27 -05:00
|
|
|
ReferencesController = require('./Features/References/ReferencesController')
|
2019-03-04 07:02:28 -05:00
|
|
|
AuthorizationMiddleware = require('./Features/Authorization/AuthorizationMiddleware')
|
2016-06-07 08:41:50 -04:00
|
|
|
BetaProgramController = require('./Features/BetaProgram/BetaProgramController')
|
2017-05-10 05:05:48 -04:00
|
|
|
SudoModeController = require('./Features/SudoMode/SudoModeController')
|
2019-03-04 07:02:28 -05:00
|
|
|
SudoModeMiddleware = require('./Features/SudoMode/SudoModeMiddleware')
|
2016-08-10 11:42:56 -04:00
|
|
|
AnalyticsRouter = require('./Features/Analytics/AnalyticsRouter')
|
2016-11-11 12:03:01 -05:00
|
|
|
AnnouncementsController = require("./Features/Announcements/AnnouncementsController")
|
2017-10-12 10:33:14 -04:00
|
|
|
MetaController = require('./Features/Metadata/MetaController')
|
2017-09-22 09:54:35 -04:00
|
|
|
TokenAccessController = require('./Features/TokenAccess/TokenAccessController')
|
2017-11-20 05:47:32 -05:00
|
|
|
Features = require('./infrastructure/Features')
|
2018-02-14 10:12:46 -05:00
|
|
|
LinkedFilesRouter = require './Features/LinkedFiles/LinkedFilesRouter'
|
2018-05-31 06:12:31 -04:00
|
|
|
TemplatesRouter = require './Features/Templates/TemplatesRouter'
|
2018-10-06 10:57:25 -04:00
|
|
|
InstitutionsController = require './Features/Institutions/InstitutionsController'
|
2018-09-25 09:10:06 -04:00
|
|
|
UserMembershipRouter = require './Features/UserMembership/UserMembershipRouter'
|
2014-05-15 11:20:23 -04:00
|
|
|
|
2014-02-12 05:23:40 -05:00
|
|
|
logger = require("logger-sharelatex")
|
2014-03-12 17:56:58 -04:00
|
|
|
_ = require("underscore")
|
2014-02-12 05:23:40 -05:00
|
|
|
|
|
|
|
module.exports = class Router
|
2017-07-05 09:43:41 -04:00
|
|
|
constructor: (webRouter, privateApiRouter, publicApiRouter)->
|
2015-04-15 06:14:38 -04:00
|
|
|
if !Settings.allowPublicAccess
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.all '*', AuthenticationController.requireGlobalLogin
|
2015-04-15 06:14:38 -04:00
|
|
|
|
2015-12-17 06:51:14 -05:00
|
|
|
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.get '/login', UserPagesController.loginPage
|
2015-04-15 06:14:38 -04:00
|
|
|
AuthenticationController.addEndpointToLoginWhitelist '/login'
|
|
|
|
|
2016-09-15 09:36:11 -04:00
|
|
|
webRouter.post '/login', AuthenticationController.passportLogin
|
|
|
|
|
2019-01-15 11:31:46 -05:00
|
|
|
webRouter.get '/logout', UserPagesController.logoutPage
|
|
|
|
webRouter.post '/logout', UserController.logout
|
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get '/restricted', AuthorizationMiddleware.restricted
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2018-09-10 06:41:03 -04:00
|
|
|
|
2017-11-20 05:47:32 -05:00
|
|
|
if Features.hasFeature('registration')
|
|
|
|
webRouter.get '/register', UserPagesController.registerPage
|
|
|
|
AuthenticationController.addEndpointToLoginWhitelist '/register'
|
2015-06-30 09:38:32 -04:00
|
|
|
|
2017-07-05 09:43:41 -04:00
|
|
|
EditorRouter.apply(webRouter, privateApiRouter)
|
|
|
|
CollaboratorsRouter.apply(webRouter, privateApiRouter)
|
2017-07-20 08:51:11 -04:00
|
|
|
SubscriptionRouter.apply(webRouter, privateApiRouter, publicApiRouter)
|
2017-07-05 09:43:41 -04:00
|
|
|
UploadsRouter.apply(webRouter, privateApiRouter)
|
|
|
|
PasswordResetRouter.apply(webRouter, privateApiRouter)
|
|
|
|
StaticPagesRouter.apply(webRouter, privateApiRouter)
|
|
|
|
RealTimeProxyRouter.apply(webRouter, privateApiRouter)
|
|
|
|
ContactRouter.apply(webRouter, privateApiRouter)
|
2018-01-11 02:34:24 -05:00
|
|
|
AnalyticsRouter.apply(webRouter, privateApiRouter, publicApiRouter)
|
2018-02-14 10:12:46 -05:00
|
|
|
LinkedFilesRouter.apply(webRouter, privateApiRouter, publicApiRouter)
|
2018-05-31 06:12:31 -04:00
|
|
|
TemplatesRouter.apply(webRouter)
|
2018-09-25 09:10:06 -04:00
|
|
|
UserMembershipRouter.apply(webRouter)
|
2016-09-02 11:17:37 -04:00
|
|
|
|
2017-07-05 09:43:41 -04:00
|
|
|
Modules.applyRouter(webRouter, privateApiRouter, publicApiRouter)
|
2014-02-12 05:23:40 -05:00
|
|
|
|
|
|
|
if Settings.enableSubscriptions
|
2016-09-23 09:42:57 -04:00
|
|
|
webRouter.get '/user/bonus', AuthenticationController.requireLogin(), ReferalController.bonus
|
2015-12-17 06:51:14 -05:00
|
|
|
|
2018-09-27 05:56:14 -04:00
|
|
|
if !Settings.overleaf?
|
|
|
|
webRouter.get '/blog', BlogController.getIndexPage
|
|
|
|
webRouter.get '/blog/*', BlogController.getPage
|
2015-12-17 06:51:14 -05:00
|
|
|
|
2015-12-11 06:30:06 -05:00
|
|
|
webRouter.get '/user/activate', UserPagesController.activateAccountPage
|
2016-06-13 10:24:41 -04:00
|
|
|
AuthenticationController.addEndpointToLoginWhitelist '/user/activate'
|
2015-12-17 06:51:14 -05:00
|
|
|
|
2017-05-10 05:25:32 -04:00
|
|
|
webRouter.get '/user/settings',
|
|
|
|
AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
SudoModeMiddleware.protectPage,
|
2017-05-10 05:25:32 -04:00
|
|
|
UserPagesController.settingsPage
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.post '/user/settings', AuthenticationController.requireLogin(), UserController.updateUserSettings
|
2017-07-21 06:07:05 -04:00
|
|
|
webRouter.post '/user/password/update',
|
|
|
|
AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2017-07-21 06:07:05 -04:00
|
|
|
endpointName: "change-password"
|
|
|
|
maxRequests: 10
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
|
|
|
UserController.changePassword
|
2018-06-08 13:05:19 -04:00
|
|
|
webRouter.get '/user/emails',
|
|
|
|
AuthenticationController.requireLogin(),
|
|
|
|
UserEmailsController.list
|
2018-06-19 08:55:34 -04:00
|
|
|
webRouter.get '/user/emails/confirm',
|
|
|
|
UserEmailsController.showConfirm
|
|
|
|
webRouter.post '/user/emails/confirm',
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "confirm-email"
|
|
|
|
maxRequests: 10
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2018-06-19 08:55:34 -04:00
|
|
|
UserEmailsController.confirm
|
2018-07-12 11:39:04 -04:00
|
|
|
webRouter.post '/user/emails/resend_confirmation',
|
|
|
|
AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2019-01-11 09:14:27 -05:00
|
|
|
endpointName: "resend-confirmation"
|
|
|
|
maxRequests: 10
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2018-07-12 11:39:04 -04:00
|
|
|
UserEmailsController.resendConfirmation
|
2014-05-15 11:20:23 -04:00
|
|
|
|
2018-07-06 07:03:26 -04:00
|
|
|
if Features.hasFeature 'affiliations'
|
2018-07-04 06:47:05 -04:00
|
|
|
webRouter.post '/user/emails',
|
|
|
|
AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2018-12-21 07:06:00 -05:00
|
|
|
endpointName: 'add-email',
|
|
|
|
maxRequests: 10
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2018-07-04 06:47:05 -04:00
|
|
|
UserEmailsController.add
|
|
|
|
webRouter.post '/user/emails/delete',
|
|
|
|
AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2018-12-21 07:06:00 -05:00
|
|
|
endpointName: 'delete-email',
|
|
|
|
maxRequests: 10
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2018-07-04 06:47:05 -04:00
|
|
|
UserEmailsController.remove
|
|
|
|
webRouter.post '/user/emails/default',
|
|
|
|
AuthenticationController.requireLogin(),
|
|
|
|
UserEmailsController.setDefault
|
2018-07-05 04:46:06 -04:00
|
|
|
webRouter.post '/user/emails/endorse',
|
|
|
|
AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "endorse-email"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2018-07-05 04:46:06 -04:00
|
|
|
UserEmailsController.endorse
|
2018-07-04 06:47:05 -04:00
|
|
|
|
|
|
|
|
2017-05-10 06:36:19 -04:00
|
|
|
webRouter.get '/user/sessions',
|
|
|
|
AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
SudoModeMiddleware.protectPage,
|
2017-05-10 06:36:19 -04:00
|
|
|
UserPagesController.sessionsPage
|
2016-10-07 05:52:58 -04:00
|
|
|
webRouter.post '/user/sessions/clear', AuthenticationController.requireLogin(), UserController.clearSessions
|
2016-10-06 10:49:47 -04:00
|
|
|
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.delete '/user/newsletter/unsubscribe', AuthenticationController.requireLogin(), UserController.unsubscribe
|
2019-03-22 08:15:11 -04:00
|
|
|
webRouter.post '/user/delete',
|
|
|
|
RateLimiterMiddleware.rateLimit({
|
|
|
|
endpointName: "delete-user"
|
|
|
|
maxRequests: 10
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
|
|
|
AuthenticationController.requireLogin(),
|
|
|
|
UserController.tryDeleteUser
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2016-03-10 12:15:14 -05:00
|
|
|
webRouter.get '/user/personal_info', AuthenticationController.requireLogin(), UserInfoController.getLoggedInUsersPersonalInfo
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/user/:user_id/personal_info', AuthenticationController.httpAuth, UserInfoController.getPersonalInfo
|
2014-06-10 17:26:43 -04:00
|
|
|
|
2018-05-04 05:45:13 -04:00
|
|
|
webRouter.get '/user/projects', AuthenticationController.requireLogin(), ProjectController.userProjectsJson
|
2018-05-23 06:34:55 -04:00
|
|
|
webRouter.get '/project/:Project_id/entities', AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
AuthorizationMiddleware.ensureUserCanReadProject,
|
2018-05-23 06:34:55 -04:00
|
|
|
ProjectController.projectEntitiesJson
|
2018-05-04 05:45:13 -04:00
|
|
|
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.get '/project', AuthenticationController.requireLogin(), ProjectController.projectListPage
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post '/project/new', AuthenticationController.requireLogin(), RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "create-project"
|
|
|
|
maxRequests: 20
|
|
|
|
timeInterval: 60
|
|
|
|
}), ProjectController.newProject
|
2014-04-28 12:47:47 -04:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get '/Project/:Project_id', RateLimiterMiddleware.rateLimit({
|
2015-02-04 10:05:26 -05:00
|
|
|
endpointName: "open-project"
|
|
|
|
params: ["Project_id"]
|
2019-01-03 12:56:24 -05:00
|
|
|
maxRequests: 15
|
2015-02-04 10:05:26 -05:00
|
|
|
timeInterval: 60
|
2019-03-04 07:02:28 -05:00
|
|
|
}), AuthorizationMiddleware.ensureUserCanReadProject, ProjectController.loadEditor
|
|
|
|
webRouter.get '/Project/:Project_id/file/:File_id', AuthorizationMiddleware.ensureUserCanReadProject, FileStoreController.getFile
|
|
|
|
webRouter.post '/project/:Project_id/settings', AuthorizationMiddleware.ensureUserCanWriteProjectSettings, ProjectController.updateProjectSettings
|
|
|
|
webRouter.post '/project/:Project_id/settings/admin', AuthorizationMiddleware.ensureUserCanAdminProject, ProjectController.updateProjectAdminSettings
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post '/project/:Project_id/compile', RateLimiterMiddleware.rateLimit({
|
2017-04-11 11:08:38 -04:00
|
|
|
endpointName: "compile-project-http"
|
|
|
|
params: ["Project_id"]
|
|
|
|
maxRequests: 800
|
|
|
|
timeInterval: 60 * 60
|
2019-03-04 07:02:28 -05:00
|
|
|
}), AuthorizationMiddleware.ensureUserCanReadProject, CompileController.compile
|
2017-04-11 11:08:38 -04:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post '/project/:Project_id/compile/stop', AuthorizationMiddleware.ensureUserCanReadProject, CompileController.stopCompile
|
2016-07-14 09:48:46 -04:00
|
|
|
|
2016-06-16 08:59:56 -04:00
|
|
|
# Used by the web download buttons, adds filename header
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get '/project/:Project_id/output/output.pdf', AuthorizationMiddleware.ensureUserCanReadProject, CompileController.downloadPdf
|
2016-06-16 08:59:56 -04:00
|
|
|
# Used by the pdf viewers
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.get /^\/project\/([^\/]*)\/output\/(.*)$/,
|
2014-02-12 05:23:40 -05:00
|
|
|
((req, res, next) ->
|
|
|
|
params =
|
|
|
|
"Project_id": req.params[0]
|
|
|
|
"file": req.params[1]
|
|
|
|
req.params = params
|
|
|
|
next()
|
2019-03-04 07:02:28 -05:00
|
|
|
), AuthorizationMiddleware.ensureUserCanReadProject, CompileController.getFileFromClsi
|
2016-05-13 05:33:38 -04:00
|
|
|
# direct url access to output files for a specific build (query string not required)
|
|
|
|
webRouter.get /^\/project\/([^\/]*)\/build\/([0-9a-f-]+)\/output\/(.*)$/,
|
|
|
|
((req, res, next) ->
|
|
|
|
params =
|
|
|
|
"Project_id": req.params[0]
|
2016-06-02 12:03:07 -04:00
|
|
|
"build_id": req.params[1]
|
2016-05-13 05:33:38 -04:00
|
|
|
"file": req.params[2]
|
2016-07-14 09:48:46 -04:00
|
|
|
req.params = params
|
|
|
|
next()
|
2019-03-04 07:02:28 -05:00
|
|
|
), AuthorizationMiddleware.ensureUserCanReadProject, CompileController.getFileFromClsi
|
2016-07-14 09:48:46 -04:00
|
|
|
|
2016-07-18 06:16:09 -04:00
|
|
|
# direct url access to output files for user but no build, to retrieve files when build fails
|
2016-07-14 09:48:46 -04:00
|
|
|
webRouter.get /^\/project\/([^\/]*)\/user\/([0-9a-f-]+)\/output\/(.*)$/,
|
|
|
|
((req, res, next) ->
|
|
|
|
params =
|
|
|
|
"Project_id": req.params[0]
|
|
|
|
"user_id": req.params[1]
|
|
|
|
"file": req.params[2]
|
2016-05-13 05:33:38 -04:00
|
|
|
req.params = params
|
|
|
|
next()
|
2019-03-04 07:02:28 -05:00
|
|
|
), AuthorizationMiddleware.ensureUserCanReadProject, CompileController.getFileFromClsi
|
2016-05-13 05:33:38 -04:00
|
|
|
|
2016-05-31 11:20:24 -04:00
|
|
|
# direct url access to output files for a specific user and build (query string not required)
|
|
|
|
webRouter.get /^\/project\/([^\/]*)\/user\/([0-9a-f]+)\/build\/([0-9a-f-]+)\/output\/(.*)$/,
|
|
|
|
((req, res, next) ->
|
|
|
|
params =
|
|
|
|
"Project_id": req.params[0]
|
2016-06-02 12:03:07 -04:00
|
|
|
"user_id": req.params[1]
|
|
|
|
"build_id": req.params[2]
|
2016-05-31 11:20:24 -04:00
|
|
|
"file": req.params[3]
|
|
|
|
req.params = params
|
|
|
|
next()
|
2019-03-04 07:02:28 -05:00
|
|
|
), AuthorizationMiddleware.ensureUserCanReadProject, CompileController.getFileFromClsi
|
2016-05-31 11:20:24 -04:00
|
|
|
|
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.delete "/project/:Project_id/output", AuthorizationMiddleware.ensureUserCanReadProject, CompileController.deleteAuxFiles
|
|
|
|
webRouter.get "/project/:Project_id/sync/code", AuthorizationMiddleware.ensureUserCanReadProject, CompileController.proxySyncCode
|
|
|
|
webRouter.get "/project/:Project_id/sync/pdf", AuthorizationMiddleware.ensureUserCanReadProject, CompileController.proxySyncPdf
|
|
|
|
webRouter.get "/project/:Project_id/wordcount", AuthorizationMiddleware.ensureUserCanReadProject, CompileController.wordCount
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.delete '/Project/:Project_id', AuthorizationMiddleware.ensureUserCanAdminProject, ProjectController.deleteProject
|
|
|
|
webRouter.post '/Project/:Project_id/restore', AuthorizationMiddleware.ensureUserCanAdminProject, ProjectController.restoreProject
|
|
|
|
webRouter.post '/Project/:Project_id/clone', AuthorizationMiddleware.ensureUserCanReadProject, ProjectController.cloneProject
|
2014-04-28 12:47:47 -04:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post '/project/:Project_id/rename', AuthorizationMiddleware.ensureUserCanAdminProject, ProjectController.renameProject
|
2014-03-05 11:31:52 -05:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get "/project/:Project_id/updates", AuthorizationMiddleware.ensureUserCanReadProject, HistoryController.selectHistoryApi, HistoryController.proxyToHistoryApiAndInjectUserDetails
|
|
|
|
webRouter.get "/project/:Project_id/doc/:doc_id/diff", AuthorizationMiddleware.ensureUserCanReadProject, HistoryController.selectHistoryApi, HistoryController.proxyToHistoryApi
|
|
|
|
webRouter.get "/project/:Project_id/diff", AuthorizationMiddleware.ensureUserCanReadProject, HistoryController.selectHistoryApi, HistoryController.proxyToHistoryApiAndInjectUserDetails
|
|
|
|
webRouter.get "/project/:Project_id/filetree/diff", AuthorizationMiddleware.ensureUserCanReadProject, HistoryController.selectHistoryApi, HistoryController.proxyToHistoryApi
|
|
|
|
webRouter.post "/project/:Project_id/doc/:doc_id/version/:version_id/restore", AuthorizationMiddleware.ensureUserCanWriteProjectContent, HistoryController.selectHistoryApi, HistoryController.proxyToHistoryApi
|
|
|
|
webRouter.post '/project/:project_id/doc/:doc_id/restore', AuthorizationMiddleware.ensureUserCanWriteProjectContent, HistoryController.restoreDocFromDeletedDoc
|
|
|
|
webRouter.post "/project/:project_id/restore_file", AuthorizationMiddleware.ensureUserCanWriteProjectContent, HistoryController.restoreFileFromV2
|
|
|
|
webRouter.get "/project/:project_id/version/:version/zip", AuthorizationMiddleware.ensureUserCanReadProject, HistoryController.downloadZipOfVersion
|
2018-03-07 09:10:53 -05:00
|
|
|
privateApiRouter.post "/project/:Project_id/history/resync", AuthenticationController.httpAuth, HistoryController.resyncProjectHistory
|
2016-12-09 10:43:08 -05:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get "/project/:Project_id/labels", AuthorizationMiddleware.ensureUserCanReadProject, HistoryController.selectHistoryApi, HistoryController.ensureProjectHistoryEnabled, HistoryController.getLabels
|
|
|
|
webRouter.post "/project/:Project_id/labels", AuthorizationMiddleware.ensureUserCanWriteProjectContent, HistoryController.selectHistoryApi, HistoryController.ensureProjectHistoryEnabled, HistoryController.createLabel
|
|
|
|
webRouter.delete "/project/:Project_id/labels/:label_id", AuthorizationMiddleware.ensureUserCanWriteProjectContent, HistoryController.selectHistoryApi, HistoryController.ensureProjectHistoryEnabled, HistoryController.deleteLabel
|
2018-07-20 10:36:03 -04:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post '/project/:project_id/export/:brand_variation_id', AuthorizationMiddleware.ensureUserCanWriteProjectContent, ExportsController.exportProject
|
|
|
|
webRouter.get '/project/:project_id/export/:export_id', AuthorizationMiddleware.ensureUserCanWriteProjectContent, ExportsController.exportStatus
|
|
|
|
webRouter.get '/project/:project_id/export/:export_id/:type', AuthorizationMiddleware.ensureUserCanWriteProjectContent, ExportsController.exportDownload
|
2018-03-16 08:21:07 -04:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get '/Project/:Project_id/download/zip', AuthorizationMiddleware.ensureUserCanReadProject, ProjectDownloadsController.downloadProject
|
|
|
|
webRouter.get '/project/download/zip', AuthorizationMiddleware.ensureUserCanReadMultipleProjects, ProjectDownloadsController.downloadMultipleProjects
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get '/project/:project_id/metadata', AuthorizationMiddleware.ensureUserCanReadProject, AuthenticationController.requireLogin(), MetaController.getMetadata
|
|
|
|
webRouter.post '/project/:project_id/doc/:doc_id/metadata', AuthorizationMiddleware.ensureUserCanReadProject, AuthenticationController.requireLogin(), MetaController.broadcastMetadataForDoc
|
2017-06-02 10:12:59 -04:00
|
|
|
|
|
|
|
|
2016-01-29 10:11:27 -05:00
|
|
|
webRouter.get '/tag', AuthenticationController.requireLogin(), TagsController.getAllTags
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post '/tag', AuthenticationController.requireLogin(), RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "create-tag"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}), TagsController.createTag
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post '/tag/:tag_id/rename', AuthenticationController.requireLogin(), RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "rename-tag"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}), TagsController.renameTag
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.delete '/tag/:tag_id', AuthenticationController.requireLogin(), RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "delete-tag"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}), TagsController.deleteTag
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post '/tag/:tag_id/project/:project_id', AuthenticationController.requireLogin(), RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "add-project-to-tag"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}), TagsController.addProjectToTag
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.delete '/tag/:tag_id/project/:project_id', AuthenticationController.requireLogin(), RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "remove-project-from-tag"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}), TagsController.removeProjectFromTag
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2016-01-21 15:42:50 -05:00
|
|
|
webRouter.get '/notifications', AuthenticationController.requireLogin(), NotificationsController.getAllUnreadNotifications
|
2016-09-02 11:17:37 -04:00
|
|
|
webRouter.delete '/notifications/:notification_id', AuthenticationController.requireLogin(), NotificationsController.markNotificationAsRead
|
2016-01-21 15:42:50 -05:00
|
|
|
|
2016-11-11 12:03:01 -05:00
|
|
|
webRouter.get '/announcements', AuthenticationController.requireLogin(), AnnouncementsController.getUndreadAnnouncements
|
|
|
|
|
|
|
|
|
2015-06-30 09:38:32 -04:00
|
|
|
# Deprecated in favour of /internal/project/:project_id but still used by versioning
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/project/:project_id/details', AuthenticationController.httpAuth, ProjectApiController.getProjectDetails
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2015-06-30 09:38:32 -04:00
|
|
|
# New 'stable' /internal API end points
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/internal/project/:project_id', AuthenticationController.httpAuth, ProjectApiController.getProjectDetails
|
|
|
|
privateApiRouter.get '/internal/project/:Project_id/zip', AuthenticationController.httpAuth, ProjectDownloadsController.downloadProject
|
|
|
|
privateApiRouter.get '/internal/project/:project_id/compile/pdf', AuthenticationController.httpAuth, CompileController.compileAndDownloadPdf
|
2015-07-08 08:29:10 -04:00
|
|
|
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.post '/internal/deactivateOldProjects', AuthenticationController.httpAuth, InactiveProjectController.deactivateOldProjects
|
|
|
|
privateApiRouter.post '/internal/project/:project_id/deactivate', AuthenticationController.httpAuth, InactiveProjectController.deactivateProject
|
2015-08-13 17:50:39 -04:00
|
|
|
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.get /^\/internal\/project\/([^\/]*)\/output\/(.*)$/,
|
|
|
|
((req, res, next) ->
|
|
|
|
params =
|
|
|
|
"Project_id": req.params[0]
|
|
|
|
"file": req.params[1]
|
|
|
|
req.params = params
|
|
|
|
next()
|
|
|
|
), AuthenticationController.httpAuth, CompileController.getFileFromClsi
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/project/:Project_id/doc/:doc_id', AuthenticationController.httpAuth, DocumentController.getDocument
|
|
|
|
privateApiRouter.post '/project/:Project_id/doc/:doc_id', AuthenticationController.httpAuth, DocumentController.setDocument
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.post '/user/:user_id/update/*', AuthenticationController.httpAuth, TpdsController.mergeUpdate
|
|
|
|
privateApiRouter.delete '/user/:user_id/update/*', AuthenticationController.httpAuth, TpdsController.deleteUpdate
|
2015-12-17 06:51:14 -05:00
|
|
|
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.post '/project/:project_id/contents/*', AuthenticationController.httpAuth, TpdsController.updateProjectContents
|
|
|
|
privateApiRouter.delete '/project/:project_id/contents/*', AuthenticationController.httpAuth, TpdsController.deleteProjectContents
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.post "/spelling/check", AuthenticationController.requireLogin(), SpellingController.proxyRequestToSpellingApi
|
|
|
|
webRouter.post "/spelling/learn", AuthenticationController.requireLogin(), SpellingController.proxyRequestToSpellingApi
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get "/project/:project_id/messages", AuthorizationMiddleware.ensureUserCanReadProject, ChatController.getMessages
|
|
|
|
webRouter.post "/project/:project_id/messages", AuthorizationMiddleware.ensureUserCanReadProject, RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "send-chat-message"
|
|
|
|
maxRequests: 100
|
|
|
|
timeInterval: 60
|
|
|
|
}), ChatController.sendMessage
|
2015-12-17 06:51:14 -05:00
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post "/project/:Project_id/references/index", AuthorizationMiddleware.ensureUserCanReadProject, RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "index-project-references"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}), ReferencesController.index
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.post "/project/:Project_id/references/indexAll", AuthorizationMiddleware.ensureUserCanReadProject, RateLimiterMiddleware.rateLimit({
|
2019-01-18 05:10:09 -05:00
|
|
|
endpointName: "index-all-project-references"
|
|
|
|
maxRequests: 30
|
|
|
|
timeInterval: 60
|
|
|
|
}), ReferencesController.indexAll
|
2015-12-17 06:51:14 -05:00
|
|
|
|
2018-03-19 13:02:27 -04:00
|
|
|
# disable beta program while v2 is in beta
|
|
|
|
# webRouter.get "/beta/participate", AuthenticationController.requireLogin(), BetaProgramController.optInPage
|
|
|
|
# webRouter.post "/beta/opt-in", AuthenticationController.requireLogin(), BetaProgramController.optIn
|
|
|
|
# webRouter.post "/beta/opt-out", AuthenticationController.requireLogin(), BetaProgramController.optOut
|
2017-05-10 05:05:48 -04:00
|
|
|
webRouter.get "/confirm-password", AuthenticationController.requireLogin(), SudoModeController.sudoModePrompt
|
2019-01-11 09:14:27 -05:00
|
|
|
webRouter.post "/confirm-password",
|
|
|
|
AuthenticationController.requireLogin(),
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2019-01-11 09:14:27 -05:00
|
|
|
endpointName: "confirm-password"
|
|
|
|
maxRequests: 10
|
|
|
|
timeInterval: 60
|
|
|
|
}),
|
|
|
|
SudoModeController.submitPassword
|
2016-06-07 06:15:56 -04:00
|
|
|
|
2018-06-13 10:30:46 -04:00
|
|
|
# New "api" endpoints. Started as a way for v1 to call over to v2 (for
|
|
|
|
# long-term features, as opposed to the nominally temporary ones in the
|
|
|
|
# overleaf-integration module), but may expand beyond that role.
|
|
|
|
publicApiRouter.post '/api/clsi/compile/:submission_id', AuthenticationController.httpAuth, CompileController.compileSubmission
|
|
|
|
publicApiRouter.get /^\/api\/clsi\/compile\/([^\/]*)\/build\/([0-9a-f-]+)\/output\/(.*)$/,
|
|
|
|
((req, res, next) ->
|
|
|
|
params =
|
|
|
|
"submission_id": req.params[0]
|
|
|
|
"build_id": req.params[1]
|
|
|
|
"file": req.params[2]
|
|
|
|
req.params = params
|
|
|
|
next()
|
|
|
|
),
|
|
|
|
AuthenticationController.httpAuth,
|
|
|
|
CompileController.getFileFromClsiWithoutUser
|
2019-03-04 07:02:28 -05:00
|
|
|
publicApiRouter.post '/api/institutions/confirm_university_domain', RateLimiterMiddleware.rateLimit({
|
2019-02-15 08:16:39 -05:00
|
|
|
endpointName: 'confirm-university-domain',
|
|
|
|
maxRequests: 1,
|
|
|
|
timeInterval: 60
|
|
|
|
}), AuthenticationController.httpAuth, InstitutionsController.confirmDomain
|
2018-06-13 10:30:46 -04:00
|
|
|
|
2018-09-20 11:30:20 -04:00
|
|
|
webRouter.get '/chrome', (req, res, next) ->
|
|
|
|
# Match v1 behaviour - this is used for a Chrome web app
|
|
|
|
if AuthenticationController.isUserLoggedIn(req)
|
|
|
|
res.redirect('/project')
|
|
|
|
else
|
|
|
|
res.redirect('/register')
|
2018-09-18 12:14:37 -04:00
|
|
|
|
2014-02-12 05:23:40 -05:00
|
|
|
#Admin Stuff
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get '/admin', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.index
|
|
|
|
webRouter.get '/admin/user', AuthorizationMiddleware.ensureUserIsSiteAdmin, (req, res)-> res.redirect("/admin/register") #this gets removed by admin-panel addon
|
|
|
|
webRouter.get '/admin/register', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.registerNewUser
|
|
|
|
webRouter.post '/admin/register', AuthorizationMiddleware.ensureUserIsSiteAdmin, UserController.register
|
|
|
|
webRouter.post '/admin/closeEditor', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.closeEditor
|
|
|
|
webRouter.post '/admin/dissconectAllUsers', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.dissconectAllUsers
|
|
|
|
webRouter.post '/admin/syncUserToSubscription', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.syncUserToSubscription
|
|
|
|
webRouter.post '/admin/flushProjectToTpds', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.flushProjectToTpds
|
|
|
|
webRouter.post '/admin/pollDropboxForUser', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.pollDropboxForUser
|
|
|
|
webRouter.post '/admin/messages', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.createMessage
|
|
|
|
webRouter.post '/admin/messages/clear', AuthorizationMiddleware.ensureUserIsSiteAdmin, AdminController.clearMessages
|
2015-06-30 09:38:32 -04:00
|
|
|
|
2019-02-06 09:06:40 -05:00
|
|
|
privateApiRouter.post '/disconnectAllUsers', AdminController.dissconectAllUsers
|
|
|
|
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/perfTest', (req,res)->
|
2014-02-12 05:23:40 -05:00
|
|
|
res.send("hello")
|
|
|
|
|
2017-07-05 09:50:38 -04:00
|
|
|
publicApiRouter.get '/status', (req,res)->
|
2017-07-04 07:42:54 -04:00
|
|
|
res.send("web sharelatex is alive (web)")
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/status', (req,res)->
|
2017-07-04 07:42:54 -04:00
|
|
|
res.send("web sharelatex is alive (api)")
|
2015-12-17 06:51:14 -05:00
|
|
|
|
2016-07-18 11:47:45 -04:00
|
|
|
webRouter.get '/dev/csrf', (req, res) ->
|
|
|
|
res.send res.locals.csrfToken
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2017-07-05 09:50:38 -04:00
|
|
|
publicApiRouter.get '/health_check', HealthCheckController.check
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/health_check', HealthCheckController.check
|
2017-06-19 10:54:14 -04:00
|
|
|
|
2017-07-05 09:50:38 -04:00
|
|
|
publicApiRouter.get '/health_check/redis', HealthCheckController.checkRedis
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/health_check/redis', HealthCheckController.checkRedis
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2018-08-29 05:35:42 -04:00
|
|
|
publicApiRouter.get '/health_check/mongo', HealthCheckController.checkMongo
|
|
|
|
privateApiRouter.get '/health_check/mongo', HealthCheckController.checkMongo
|
|
|
|
|
2019-03-04 07:02:28 -05:00
|
|
|
webRouter.get "/status/compiler/:Project_id", AuthorizationMiddleware.ensureUserCanReadProject, (req, res) ->
|
2016-08-31 11:10:24 -04:00
|
|
|
project_id = req.params.Project_id
|
2014-03-12 17:56:58 -04:00
|
|
|
sendRes = _.once (statusCode, message)->
|
2016-08-31 10:21:23 -04:00
|
|
|
res.status statusCode
|
|
|
|
res.send message
|
2016-08-31 11:10:24 -04:00
|
|
|
ClsiCookieManager.clearServerId project_id # force every compile to a new server
|
2016-08-31 10:21:23 -04:00
|
|
|
# set a timeout
|
|
|
|
handler = setTimeout (() ->
|
2014-03-12 17:56:58 -04:00
|
|
|
sendRes 500, "Compiler timed out"
|
2016-08-31 10:21:23 -04:00
|
|
|
handler = null
|
2014-02-12 05:23:40 -05:00
|
|
|
), 10000
|
2016-08-31 10:21:23 -04:00
|
|
|
# use a valid user id for testing
|
|
|
|
test_user_id = "123456789012345678901234"
|
|
|
|
# run the compile
|
2016-08-31 11:10:24 -04:00
|
|
|
CompileManager.compile project_id, test_user_id, {}, (error, status) ->
|
2016-08-31 10:21:23 -04:00
|
|
|
clearTimeout handler if handler?
|
|
|
|
if error?
|
|
|
|
sendRes 500, "Compiler returned error #{error.message}"
|
|
|
|
else if status is "success"
|
|
|
|
sendRes 200, "Compiler returned in less than 10 seconds"
|
|
|
|
else
|
|
|
|
sendRes 500, "Compiler returned failure #{status}"
|
2014-02-12 05:23:40 -05:00
|
|
|
|
2017-12-15 08:38:34 -05:00
|
|
|
webRouter.get "/no-cache", (req, res, next)->
|
|
|
|
res.header("Cache-Control", "max-age=0")
|
|
|
|
res.sendStatus(404)
|
|
|
|
|
2016-03-21 07:55:59 -04:00
|
|
|
webRouter.get '/oops-express', (req, res, next) -> next(new Error("Test error"))
|
|
|
|
webRouter.get '/oops-internal', (req, res, next) -> throw new Error("Test error")
|
|
|
|
webRouter.get '/oops-mongo', (req, res, next) ->
|
2014-02-12 05:23:40 -05:00
|
|
|
require("./models/Project").Project.findOne {}, () ->
|
|
|
|
throw new Error("Test error")
|
|
|
|
|
2017-07-05 09:43:41 -04:00
|
|
|
privateApiRouter.get '/opps-small', (req, res, next)->
|
2014-09-18 09:37:23 -04:00
|
|
|
logger.err "test error occured"
|
|
|
|
res.send()
|
|
|
|
|
2015-06-30 09:38:32 -04:00
|
|
|
webRouter.post '/error/client', (req, res, next) ->
|
2016-03-21 09:29:34 -04:00
|
|
|
logger.warn err: req.body.error, meta: req.body.meta, "client side error"
|
2016-05-26 06:48:22 -04:00
|
|
|
metrics.inc("client-side-error")
|
2015-07-08 11:56:38 -04:00
|
|
|
res.sendStatus(204)
|
2014-03-14 07:14:02 -04:00
|
|
|
|
2017-09-22 09:54:35 -04:00
|
|
|
|
|
|
|
webRouter.get '/read/:read_only_token([a-z]+)',
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2017-10-26 09:11:31 -04:00
|
|
|
endpointName: 'read-only-token',
|
2019-01-03 12:56:24 -05:00
|
|
|
maxRequests: 15,
|
2017-10-26 09:11:31 -04:00
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2017-09-22 09:54:35 -04:00
|
|
|
TokenAccessController.readOnlyToken
|
|
|
|
|
|
|
|
webRouter.get '/:read_and_write_token([0-9]+[a-z]+)',
|
2019-03-04 07:02:28 -05:00
|
|
|
RateLimiterMiddleware.rateLimit({
|
2017-10-26 09:11:31 -04:00
|
|
|
endpointName: 'read-and-write-token',
|
2019-01-03 12:56:24 -05:00
|
|
|
maxRequests: 15,
|
2017-10-26 09:11:31 -04:00
|
|
|
timeInterval: 60
|
|
|
|
}),
|
2017-09-22 09:54:35 -04:00
|
|
|
TokenAccessController.readAndWriteToken
|
|
|
|
|
2016-08-10 11:42:56 -04:00
|
|
|
webRouter.get '*', ErrorController.notFound
|