mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-07 20:31:06 -05:00
Merge pull request #541 from sharelatex/bg-add-public-api-router
add public api router
This commit is contained in:
Brian Gough
GitHub
commit
6c1efec564
4 changed files with 49 additions and 45 deletions
|
|
@ -66,7 +66,7 @@ logger.log "Finished generating file fingerprints"
|
|||
cdnAvailable = Settings.cdn?.web?.host?
|
||||
darkCdnAvailable = Settings.cdn?.web?.darkHost?
|
||||
|
||||
module.exports = (app, webRouter, apiRouter)->
|
||||
module.exports = (app, webRouter, privateApiRouter, publicApiRouter)->
|
||||
webRouter.use (req, res, next)->
|
||||
res.locals.session = req.session
|
||||
next()
|
||||
|
|
@ -82,7 +82,8 @@ module.exports = (app, webRouter, apiRouter)->
|
|||
)
|
||||
next()
|
||||
webRouter.use addSetContentDisposition
|
||||
apiRouter.use addSetContentDisposition
|
||||
privateApiRouter.use addSetContentDisposition
|
||||
publicApiRouter.use addSetContentDisposition
|
||||
|
||||
webRouter.use (req, res, next)->
|
||||
req.externalAuthenticationSystemUsed = res.locals.externalAuthenticationSystemUsed = ->
|
||||
|
|
|
|||
|
|
@ -15,14 +15,14 @@ module.exports = Modules =
|
|||
@modules.push loadedModule
|
||||
Modules.attachHooks()
|
||||
|
||||
applyRouter: (webRouter, apiRouter) ->
|
||||
applyRouter: (webRouter, privateApiRouter, publicApiRouter) ->
|
||||
for module in @modules
|
||||
module.router?.apply?(webRouter, apiRouter)
|
||||
module.router?.apply?(webRouter, privateApiRouter, publicApiRouter)
|
||||
|
||||
applyNonCsrfRouter: (webRouter, apiRouter) ->
|
||||
applyNonCsrfRouter: (webRouter, privateApiRouter, publicApiRouter) ->
|
||||
for module in @modules
|
||||
module.nonCsrfRouter?.apply(webRouter, apiRouter)
|
||||
module.router?.applyNonCsrfRouter?(webRouter, apiRouter)
|
||||
module.nonCsrfRouter?.apply(webRouter, privateApiRouter, publicApiRouter)
|
||||
module.router?.applyNonCsrfRouter?(webRouter, privateApiRouter, publicApiRouter)
|
||||
|
||||
viewIncludes: {}
|
||||
loadViewIncludes: (app) ->
|
||||
|
|
|
|||
|
|
@ -52,7 +52,8 @@ else
|
|||
app = express()
|
||||
|
||||
webRouter = express.Router()
|
||||
apiRouter = express.Router()
|
||||
privateApiRouter = express.Router()
|
||||
publicApiRouter = express.Router()
|
||||
|
||||
if Settings.behindProxy
|
||||
app.enable('trust proxy')
|
||||
|
|
@ -108,7 +109,7 @@ Modules.hooks.fire 'passportSetup', passport, (err) ->
|
|||
if err?
|
||||
logger.err {err}, "error setting up passport in modules"
|
||||
|
||||
Modules.applyNonCsrfRouter(webRouter, apiRouter)
|
||||
Modules.applyNonCsrfRouter(webRouter, privateApiRouter, publicApiRouter)
|
||||
|
||||
webRouter.use csrfProtection
|
||||
webRouter.use translations.expressMiddlewear
|
||||
|
|
@ -122,7 +123,7 @@ webRouter.use (req, res, next) ->
|
|||
next()
|
||||
|
||||
webRouter.use ReferalConnect.use
|
||||
expressLocals(app, webRouter, apiRouter)
|
||||
expressLocals(app, webRouter, privateApiRouter, publicApiRouter)
|
||||
|
||||
if app.get('env') == 'production'
|
||||
logger.info "Production Enviroment"
|
||||
|
|
@ -143,7 +144,7 @@ webRouter.use (req, res, next) ->
|
|||
res.render("general/closed", {title:"maintenance"})
|
||||
|
||||
profiler = require "v8-profiler"
|
||||
apiRouter.get "/profile", (req, res) ->
|
||||
privateApiRouter.get "/profile", (req, res) ->
|
||||
time = parseInt(req.query.time || "1000")
|
||||
profiler.startProfiling("test")
|
||||
setTimeout () ->
|
||||
|
|
@ -165,16 +166,18 @@ notDefined = (x) -> !x?
|
|||
enableApiRouter = Settings.web?.enableApiRouter
|
||||
if enableApiRouter or notDefined(enableApiRouter)
|
||||
logger.info("providing api router");
|
||||
app.use(apiRouter)
|
||||
app.use(privateApiRouter)
|
||||
app.use(ErrorController.handleApiError)
|
||||
|
||||
enableWebRouter = Settings.web?.enableWebRouter
|
||||
if enableWebRouter or notDefined(enableWebRouter)
|
||||
logger.info("providing web router");
|
||||
app.use(publicApiRouter) # public API goes with web router for public access
|
||||
app.use(ErrorController.handleApiError)
|
||||
app.use(webRouter)
|
||||
app.use(ErrorController.handleError)
|
||||
|
||||
router = new Router(webRouter, apiRouter)
|
||||
router = new Router(webRouter, privateApiRouter, publicApiRouter)
|
||||
|
||||
module.exports =
|
||||
app: app
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ logger = require("logger-sharelatex")
|
|||
_ = require("underscore")
|
||||
|
||||
module.exports = class Router
|
||||
constructor: (webRouter, apiRouter)->
|
||||
constructor: (webRouter, privateApiRouter, publicApiRouter)->
|
||||
if !Settings.allowPublicAccess
|
||||
webRouter.all '*', AuthenticationController.requireGlobalLogin
|
||||
|
||||
|
|
@ -67,17 +67,17 @@ module.exports = class Router
|
|||
AuthenticationController.addEndpointToLoginWhitelist '/register'
|
||||
|
||||
|
||||
EditorRouter.apply(webRouter, apiRouter)
|
||||
CollaboratorsRouter.apply(webRouter, apiRouter)
|
||||
SubscriptionRouter.apply(webRouter, apiRouter)
|
||||
UploadsRouter.apply(webRouter, apiRouter)
|
||||
PasswordResetRouter.apply(webRouter, apiRouter)
|
||||
StaticPagesRouter.apply(webRouter, apiRouter)
|
||||
RealTimeProxyRouter.apply(webRouter, apiRouter)
|
||||
ContactRouter.apply(webRouter, apiRouter)
|
||||
AnalyticsRouter.apply(webRouter, apiRouter)
|
||||
EditorRouter.apply(webRouter, privateApiRouter)
|
||||
CollaboratorsRouter.apply(webRouter, privateApiRouter)
|
||||
SubscriptionRouter.apply(webRouter, privateApiRouter)
|
||||
UploadsRouter.apply(webRouter, privateApiRouter)
|
||||
PasswordResetRouter.apply(webRouter, privateApiRouter)
|
||||
StaticPagesRouter.apply(webRouter, privateApiRouter)
|
||||
RealTimeProxyRouter.apply(webRouter, privateApiRouter)
|
||||
ContactRouter.apply(webRouter, privateApiRouter)
|
||||
AnalyticsRouter.apply(webRouter, privateApiRouter)
|
||||
|
||||
Modules.applyRouter(webRouter, apiRouter)
|
||||
Modules.applyRouter(webRouter, privateApiRouter, publicApiRouter)
|
||||
|
||||
|
||||
if Settings.enableSubscriptions
|
||||
|
|
@ -106,7 +106,7 @@ module.exports = class Router
|
|||
webRouter.post '/user/delete', AuthenticationController.requireLogin(), UserController.tryDeleteUser
|
||||
|
||||
webRouter.get '/user/personal_info', AuthenticationController.requireLogin(), UserInfoController.getLoggedInUsersPersonalInfo
|
||||
apiRouter.get '/user/:user_id/personal_info', AuthenticationController.httpAuth, UserInfoController.getPersonalInfo
|
||||
privateApiRouter.get '/user/:user_id/personal_info', AuthenticationController.httpAuth, UserInfoController.getPersonalInfo
|
||||
|
||||
webRouter.get '/project', AuthenticationController.requireLogin(), ProjectController.projectListPage
|
||||
webRouter.post '/project/new', AuthenticationController.requireLogin(), ProjectController.newProject
|
||||
|
|
@ -211,15 +211,15 @@ module.exports = class Router
|
|||
|
||||
|
||||
# Deprecated in favour of /internal/project/:project_id but still used by versioning
|
||||
apiRouter.get '/project/:project_id/details', AuthenticationController.httpAuth, ProjectApiController.getProjectDetails
|
||||
privateApiRouter.get '/project/:project_id/details', AuthenticationController.httpAuth, ProjectApiController.getProjectDetails
|
||||
|
||||
# New 'stable' /internal API end points
|
||||
apiRouter.get '/internal/project/:project_id', AuthenticationController.httpAuth, ProjectApiController.getProjectDetails
|
||||
apiRouter.get '/internal/project/:Project_id/zip', AuthenticationController.httpAuth, ProjectDownloadsController.downloadProject
|
||||
apiRouter.get '/internal/project/:project_id/compile/pdf', AuthenticationController.httpAuth, CompileController.compileAndDownloadPdf
|
||||
privateApiRouter.get '/internal/project/:project_id', AuthenticationController.httpAuth, ProjectApiController.getProjectDetails
|
||||
privateApiRouter.get '/internal/project/:Project_id/zip', AuthenticationController.httpAuth, ProjectDownloadsController.downloadProject
|
||||
privateApiRouter.get '/internal/project/:project_id/compile/pdf', AuthenticationController.httpAuth, CompileController.compileAndDownloadPdf
|
||||
|
||||
apiRouter.post '/internal/deactivateOldProjects', AuthenticationController.httpAuth, InactiveProjectController.deactivateOldProjects
|
||||
apiRouter.post '/internal/project/:project_id/deactivate', AuthenticationController.httpAuth, InactiveProjectController.deactivateProject
|
||||
privateApiRouter.post '/internal/deactivateOldProjects', AuthenticationController.httpAuth, InactiveProjectController.deactivateOldProjects
|
||||
privateApiRouter.post '/internal/project/:project_id/deactivate', AuthenticationController.httpAuth, InactiveProjectController.deactivateProject
|
||||
|
||||
webRouter.get /^\/internal\/project\/([^\/]*)\/output\/(.*)$/,
|
||||
((req, res, next) ->
|
||||
|
|
@ -230,14 +230,14 @@ module.exports = class Router
|
|||
next()
|
||||
), AuthenticationController.httpAuth, CompileController.getFileFromClsi
|
||||
|
||||
apiRouter.get '/project/:Project_id/doc/:doc_id', AuthenticationController.httpAuth, DocumentController.getDocument
|
||||
apiRouter.post '/project/:Project_id/doc/:doc_id', AuthenticationController.httpAuth, DocumentController.setDocument
|
||||
privateApiRouter.get '/project/:Project_id/doc/:doc_id', AuthenticationController.httpAuth, DocumentController.getDocument
|
||||
privateApiRouter.post '/project/:Project_id/doc/:doc_id', AuthenticationController.httpAuth, DocumentController.setDocument
|
||||
|
||||
apiRouter.post '/user/:user_id/update/*', AuthenticationController.httpAuth, TpdsController.mergeUpdate
|
||||
apiRouter.delete '/user/:user_id/update/*', AuthenticationController.httpAuth, TpdsController.deleteUpdate
|
||||
privateApiRouter.post '/user/:user_id/update/*', AuthenticationController.httpAuth, TpdsController.mergeUpdate
|
||||
privateApiRouter.delete '/user/:user_id/update/*', AuthenticationController.httpAuth, TpdsController.deleteUpdate
|
||||
|
||||
apiRouter.post '/project/:project_id/contents/*', AuthenticationController.httpAuth, TpdsController.updateProjectContents
|
||||
apiRouter.delete '/project/:project_id/contents/*', AuthenticationController.httpAuth, TpdsController.deleteProjectContents
|
||||
privateApiRouter.post '/project/:project_id/contents/*', AuthenticationController.httpAuth, TpdsController.updateProjectContents
|
||||
privateApiRouter.delete '/project/:project_id/contents/*', AuthenticationController.httpAuth, TpdsController.deleteProjectContents
|
||||
|
||||
webRouter.post "/spelling/check", AuthenticationController.requireLogin(), SpellingController.proxyRequestToSpellingApi
|
||||
webRouter.post "/spelling/learn", AuthenticationController.requireLogin(), SpellingController.proxyRequestToSpellingApi
|
||||
|
|
@ -268,22 +268,22 @@ module.exports = class Router
|
|||
webRouter.post '/admin/messages', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.createMessage
|
||||
webRouter.post '/admin/messages/clear', AuthorizationMiddlewear.ensureUserIsSiteAdmin, AdminController.clearMessages
|
||||
|
||||
apiRouter.get '/perfTest', (req,res)->
|
||||
privateApiRouter.get '/perfTest', (req,res)->
|
||||
res.send("hello")
|
||||
|
||||
webRouter.get '/status', (req,res)->
|
||||
publicApiRouter.get '/status', (req,res)->
|
||||
res.send("web sharelatex is alive (web)")
|
||||
apiRouter.get '/status', (req,res)->
|
||||
privateApiRouter.get '/status', (req,res)->
|
||||
res.send("web sharelatex is alive (api)")
|
||||
|
||||
webRouter.get '/dev/csrf', (req, res) ->
|
||||
res.send res.locals.csrfToken
|
||||
|
||||
webRouter.get '/health_check', HealthCheckController.check
|
||||
apiRouter.get '/health_check', HealthCheckController.check
|
||||
publicApiRouter.get '/health_check', HealthCheckController.check
|
||||
privateApiRouter.get '/health_check', HealthCheckController.check
|
||||
|
||||
webRouter.get '/health_check/redis', HealthCheckController.checkRedis
|
||||
apiRouter.get '/health_check/redis', HealthCheckController.checkRedis
|
||||
publicApiRouter.get '/health_check/redis', HealthCheckController.checkRedis
|
||||
privateApiRouter.get '/health_check/redis', HealthCheckController.checkRedis
|
||||
|
||||
webRouter.get "/status/compiler/:Project_id", AuthorizationMiddlewear.ensureUserCanReadProject, (req, res) ->
|
||||
project_id = req.params.Project_id
|
||||
|
|
@ -321,7 +321,7 @@ module.exports = class Router
|
|||
require("./models/Project").Project.findOne {}, () ->
|
||||
throw new Error("Test error")
|
||||
|
||||
apiRouter.get '/opps-small', (req, res, next)->
|
||||
privateApiRouter.get '/opps-small', (req, res, next)->
|
||||
logger.err "test error occured"
|
||||
res.send()
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue