lib/rhoconnect/server.rb in rhoconnect-3.0.1 vs lib/rhoconnect/server.rb in rhoconnect-3.0.2
- old
+ new
@@ -1,12 +1,14 @@
$:.unshift File.join(File.dirname(__FILE__),'..')
require 'sinatra/base'
require 'erb'
require 'json'
require 'fileutils'
+#require 'rack/contrib'
require 'rhoconnect'
require 'rhoconnect/x_domain_session_wrapper'
+require 'rhoconnect/body_content_type_parser'
require 'rhoconnect/cors'
module Rhoconnect
class ApiException < Exception
@@ -17,19 +19,17 @@
end
end
class Server < Sinatra::Base
libdir = File.dirname(File.expand_path(__FILE__))
- set :views, "#{libdir}/server/views"
- set :public, "#{libdir}/server/public"
- set :static, true
-
+ set :views, "#{libdir}/server/views"
+ set :public_folder, "#{libdir}/server/public"
+ set :static, true
+ set :stats, false
+
# default secret
@@secret = '<changeme>'
-
- # stats middleware disabled by default
- @@stats = false
# Setup route and mimetype for bulk data downloads
# TODO: Figure out why "mime :data, 'application/octet-stream'" doesn't work
Rack::Mime::MIME_TYPES['.data'] = 'application/octet-stream'
@@ -60,11 +60,11 @@
end
def login
if params[:login] == 'rhoadmin'
user = User.authenticate(params[:login], params[:password])
- elsif current_app and current_app.can_authenticate?
+ elsif current_app and current_app.can_authenticate? and params[:login]
user = current_app.authenticate(params[:login], params[:password], session)
end
if user
session[:login] = user.login
session[:app_name] = APP_NAME
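Review bot: The added `and params[:login]` guard on the `elsif` only rejects a missing parameter; in Ruby an empty string is truthy, so a blank `login` is still handed to the application's `authenticate` along with an unchecked `params[:password]`. If the intent is to keep blank credentials away from app-defined authentication code, test for content instead, e.g. `elsif current_app and current_app.can_authenticate? and !params[:login].to_s.strip.empty?`. `login` continues past the end of this hunk, so what happens when `user` stays nil is not visible here.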
@@ -149,11 +149,11 @@
end
def mark_deprecated_call_and_reroute(name, namespace, *params)
namespace_val = namespace.nil? ? "<namespace>" : "#{namespace}"
http_method = request.get? ? "GET" : "POST"
- warning_message = "Use of the #{http_method} #{request.route} is deprecated. Use #{http_method} /api/#{namespace_val}/#{name} instead."
+ warning_message = "Use of the #{http_method} #{request.path} is deprecated. Use #{http_method} /api/#{namespace_val}/#{name} instead."
response.headers['Warning'] = warning_message
Rhoconnect.log warning_message
if namespace != nil
call env.merge('PATH_INFO' => "/api/#{namespace}/#{name}")
else
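Review bot: `request.path` on the new `warning_message` line is request-derived text that is written to both the `Warning` response header and the log without any filtering. The deprecated routes appear to be registered from fixed strings, which would limit what the path can contain, but that depends on every `name` being a literal rather than a pattern and on how the Rack server decodes the path. Stripping control characters before interpolation keeps the header and the log entry single-line regardless, e.g. `safe_path = request.path.gsub(/[[:cntrl:]]/, '')`. The method body continues beyond this hunk.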
@@ -175,42 +175,44 @@
throw :halt, [422, "No API token provided"]
end
end
end
+ # TODO: Load middleware statically
# hook into new so we can enable middleware
def self.new
- if @@stats == true
- use Rhoconnect::Stats::Middleware
- Rhoconnect.stats = true
- end
use XDomainSessionWrapper
- use Rack::Session::Cookie,
- :key => 'rhoconnect_session',
- :expire_after => Rhoconnect.cookie_expire,
- :secret => @@secret
use Rack::Cors do |cfg|
cfg.allow do |allow|
allow.origins /.*/
allow.resource '/application', :headers => :any, :methods => [:get, :post, :put, :delete], :credentials => true
allow.resource '/application/*', :headers => :any, :methods => [:get, :post, :put, :delete], :credentials => true
allow.resource '/api/application', :headers => :any, :methods => [:get, :post, :put, :delete], :credentials => true
allow.resource '/api/application/*', :headers => :any, :methods => [:get, :post, :put, :delete], :credentials => true
end
end
+ use Rhoconnect::BodyContentTypeParser
+
+ if settings.respond_to?(:stats) and settings.send(:stats) == true
+ use Rhoconnect::Stats::Middleware
+ Rhoconnect.stats = true
+ else
+ Rhoconnect::Server.disable :stats
+ Rhoconnect.stats = false
+ end
+
+ Rhoconnect::Server.set :secret, @@secret unless settings.respond_to?(:secret)
+ use Rack::Session::Cookie,
+ :key => 'rhoconnect_session',
+ :expire_after => Rhoconnect.cookie_expire,
+ :secret => Rhoconnect::Server.secret
super
end
-
- def self.set(option, value=self, &block)
- @@stats = value if option == :stats and (value.is_a?(TrueClass) or value.is_a?(FalseClass))
- @@secret = value if option == :secret and value.is_a?(String)
- super
- end
def initialize
# Whine about default session secret
- check_default_secret!(@@secret)
+ check_default_secret!(Rhoconnect::Server.secret)
super
end
Rhoconnect.log "Rhoconnect Server v#{Rhoconnect::VERSION} started..."
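Review bot: The session-cookie secret now comes from `Rhoconnect::Server.secret` with no validation: `settings.respond_to?(:secret)` is true for any value, so the `is_a?(String)` check that the removed `self.set` override performed is gone and a nil or empty setting would reach `Rack::Session::Cookie`. When nothing is configured the code still falls back to the well-known default `'<changeme>'`, and judging by its comment `check_default_secret!` only warns, so cookies signed with a publicly known key remain possible. I would add a guard before the `use Rack::Session::Cookie` call, e.g. `raise ArgumentError, 'session secret must be a non-empty String' unless Rhoconnect::Server.secret.is_a?(String) && !Rhoconnect::Server.secret.empty?`, and consider refusing to start with the default outside development. Separately, the unchanged `allow.origins /.*/` together with `:credentials => true` appears to let any origin make credentialed requests to the application routes and deserves its own review.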
@@ -221,27 +223,21 @@
begin
if params["cud"]
cud = JSON.parse(params["cud"])
params.delete("cud")
params.merge!(cud)
- end
- #application/json; charset=UTF-8
- if request.env['CONTENT_TYPE'] && request.env['CONTENT_TYPE'].match(/^application\/json/)
- params.merge!(JSON.parse(request.body.read))
- request.body.rewind
- end
+ end
rescue JSON::ParserError => jpe
log jpe.message + jpe.backtrace.join("\n")
throw :halt, [500, "Server error while processing client data"]
rescue Exception => e
log e.message + e.backtrace.join("\n")
throw :halt, [500, "Internal server error"]
end
if params[:version] and params[:version].to_i < 3
throw :halt, [404, "Server supports version 3 or higher of the protocol."]
end
- #log "request params: #{params.inspect}"
end
%w[get post].each do |verb|
send(verb, "/*application*") do
unless request_action == 'clientlogin'
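Review bot: With the inline `application/json` body parsing removed, this filter's `rescue JSON::ParserError` now covers only the `cud` parameter. A malformed JSON body is presumably handled in `Rhoconnect::BodyContentTypeParser`, which is not shown here, so the error response and logging for that case should be checked alongside this change. A comment above the `begin` would make the split explicit: `# JSON request bodies are parsed by Rhoconnect::BodyContentTypeParser; only the "cud" parameter is decoded here`. Note also that `params.merge!(cud)` lets keys in the client-supplied `cud` JSON overwrite existing request parameters, which is worth documenting if intentional. The filter begins before this hunk.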
@@ -270,15 +266,15 @@
end
def self.api(name, namespace = nil, verb = :post, &block)
old_api_prefix = (namespace == :application) ? :application : :api
client_call = (namespace == :application) ? true : false
- send verb, "/#{old_api_prefix}/#{name}" do
- mark_deprecated_call_and_reroute(name, namespace, &block)
+ send verb, "/#{old_api_prefix}/#{name}" do
+ mark_deprecated_call_and_reroute(name, namespace, params, &block)
end
send verb, "/api/#{namespace}/#{name}" do
- execute_api_call client_call, &block
+ execute_api_call(client_call, &block)
end
end
end
end
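Review bot: The new third argument in `mark_deprecated_call_and_reroute(name, namespace, params, &block)` lands in that helper's `*params` splat (its signature is visible in an earlier hunk), so inside the helper `params` becomes a one-element array that shadows Sinatra's request `params`. The visible part of the helper never reads the splat and the rest of its body is outside the diff, so either drop the argument or rename the splat to remove the shadowing, e.g. `def mark_deprecated_call_and_reroute(name, namespace, *_args)`. When `namespace` is nil the second route is registered as `/api//#{name}`, which may be unintended.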