2020-12-16 20:50:02 +01:00
|
|
|
const Router = require("@koa/router")
|
|
|
|
const compress = require("koa-compress")
|
|
|
|
const zlib = require("zlib")
|
|
|
|
const { routes } = require("./routes")
|
2021-05-28 11:09:32 +02:00
|
|
|
const { buildAuthMiddleware, auditLog } = require("@budibase/auth").auth
|
2021-04-21 17:42:44 +02:00
|
|
|
|
2021-05-05 16:10:28 +02:00
|
|
|
const PUBLIC_ENDPOINTS = [
|
2021-04-28 19:13:21 +02:00
|
|
|
{
|
2021-07-20 16:56:12 +02:00
|
|
|
// this covers all of the POST auth routes
|
2021-07-22 13:56:47 +02:00
|
|
|
route: "/api/global/auth/:tenantId",
|
2021-04-28 19:13:21 +02:00
|
|
|
method: "POST",
|
|
|
|
},
|
2021-05-05 16:10:28 +02:00
|
|
|
{
|
2021-07-20 16:56:12 +02:00
|
|
|
// this covers all of the GET auth routes
|
2021-07-22 13:56:47 +02:00
|
|
|
route: "/api/global/auth/:tenantId",
|
2021-04-28 19:13:21 +02:00
|
|
|
method: "GET",
|
2021-05-05 16:10:28 +02:00
|
|
|
},
|
2021-04-28 19:13:21 +02:00
|
|
|
{
|
2021-07-20 16:56:12 +02:00
|
|
|
// this covers all of the public config routes
|
2021-07-22 13:56:47 +02:00
|
|
|
route: "/api/global/configs/public",
|
2021-06-27 16:46:04 +02:00
|
|
|
method: "GET",
|
2021-04-28 19:13:21 +02:00
|
|
|
},
|
|
|
|
{
|
2021-07-22 17:36:21 +02:00
|
|
|
route: "api/global/flags",
|
2021-04-28 19:13:21 +02:00
|
|
|
method: "GET",
|
|
|
|
},
|
|
|
|
{
|
2021-07-22 13:56:47 +02:00
|
|
|
route: "/api/global/configs/checklist",
|
2021-04-28 19:13:21 +02:00
|
|
|
method: "GET",
|
|
|
|
},
|
2021-05-05 16:10:28 +02:00
|
|
|
{
|
2021-07-22 13:56:47 +02:00
|
|
|
route: "/api/global/users/init",
|
2021-05-05 16:10:28 +02:00
|
|
|
method: "POST",
|
|
|
|
},
|
2021-05-06 12:56:53 +02:00
|
|
|
{
|
2021-07-22 13:56:47 +02:00
|
|
|
route: "/api/global/users/invite/accept",
|
2021-07-16 16:08:58 +02:00
|
|
|
method: "POST",
|
2021-05-06 12:56:53 +02:00
|
|
|
},
|
2021-04-26 16:44:28 +02:00
|
|
|
]
|
2020-12-16 20:50:02 +01:00
|
|
|
|
|
|
|
const router = new Router()
|
|
|
|
router
|
|
|
|
.use(
|
|
|
|
compress({
|
|
|
|
threshold: 2048,
|
|
|
|
gzip: {
|
2021-03-29 16:06:00 +02:00
|
|
|
flush: zlib.constants.Z_SYNC_FLUSH,
|
2020-12-16 20:50:02 +01:00
|
|
|
},
|
|
|
|
deflate: {
|
2021-03-29 16:06:00 +02:00
|
|
|
flush: zlib.constants.Z_SYNC_FLUSH,
|
2020-12-16 20:50:02 +01:00
|
|
|
},
|
|
|
|
br: false,
|
|
|
|
})
|
|
|
|
)
|
2021-05-04 12:32:22 +02:00
|
|
|
.use("/health", ctx => (ctx.status = 200))
|
2021-05-05 16:10:28 +02:00
|
|
|
.use(buildAuthMiddleware(PUBLIC_ENDPOINTS))
|
2021-04-23 19:07:39 +02:00
|
|
|
// for now no public access is allowed to worker (bar health check)
|
|
|
|
.use((ctx, next) => {
|
2021-07-27 17:17:02 +02:00
|
|
|
if (!ctx.isAuthenticated && !ctx.publicEndpoint) {
|
2021-05-12 13:38:49 +02:00
|
|
|
ctx.throw(403, "Unauthorized - no public worker access")
|
|
|
|
}
|
2021-04-23 19:07:39 +02:00
|
|
|
return next()
|
|
|
|
})
|
2021-05-28 11:09:32 +02:00
|
|
|
.use(auditLog)
|
2020-12-16 20:50:02 +01:00
|
|
|
|
|
|
|
// error handling middleware
|
|
|
|
router.use(async (ctx, next) => {
|
|
|
|
try {
|
|
|
|
await next()
|
|
|
|
} catch (err) {
|
|
|
|
ctx.log.error(err)
|
|
|
|
ctx.status = err.status || err.statusCode || 500
|
|
|
|
ctx.body = {
|
|
|
|
message: err.message,
|
|
|
|
status: ctx.status,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
2021-05-04 12:32:22 +02:00
|
|
|
router.get("/health", ctx => (ctx.status = 200))
|
2020-12-16 20:50:02 +01:00
|
|
|
|
|
|
|
// authenticated routes
|
|
|
|
for (let route of routes) {
|
|
|
|
router.use(route.routes())
|
|
|
|
router.use(route.allowedMethods())
|
|
|
|
}
|
|
|
|
|
|
|
|
module.exports = router
|