api/app.js at master · gitbot/api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
/*global require:true, module:true, console:true */
var     express = require('express')
    ,   config = require('./lib/config')
    ,   factory = require('./lib/factory')
    ,   redis = factory.Redis(config)
    ,   app = express()
    ,   ping  = require('./lib/ping')
    ,   auth = require('./apps/auth')
    ,   events = require('./apps/events')
    ,   http = require('http')
    ,   user = require('./apps/user')
    ,   receiver = require('./apps/receiver')
    ,   Session = require('./lib/model/account').Session
    ,   session = new Session(redis);

var AUTH_HEADER = 'x-auth-authcode';

var ALLOWED_HEADERS = [
    'content-type',
    'x-requested-with',
    AUTH_HEADER
];
var allowCrossDomain = function(req, res, next) {
    // TODO: Get these from config
    res.set('Access-Control-Allow-Origin', req.headers.origin || "*");
    res.set('Access-Control-Allow-Methods', 'GET,POST,PUT,PATCH, DELETE,OPTIONS');
    res.set('Access-Control-Allow-Headers', ALLOWED_HEADERS.join(','));

    next();
};

var authcode = function(session) {

    return function simpleAuthCodeHandler(req, res, next) {

        req.session = {};
        var authcode = req.session.authcode =
                                            req.headers[AUTH_HEADER] ||
                                            (req.body && req.body.authcode) ||
                                            (req.query && req.query.authcode);
        if (authcode) {
            session.find(authcode,
                            function(err, data) {
                                if (!err) {
                                    req.session.accessToken = data.accessToken;
                                    req.session.username = data.username;
                                }
                                next();
                            });
        } else {
            next();
        }
    };
};

var responseError = function(req, res, next) {
    var rsend = res.send;
    res.send = function() {
        if (arguments[0].statusCode && arguments[0].body) {
            return rsend.call(res, arguments[0].statusCode, arguments[0].body);
        } else {
            return rsend.apply(res, arguments);
        }
    };
    next();
};

app.configure(function() {
    app.enable('trust proxy');
    app.use(responseError);
    app.use(express.bodyParser());
    app.use(express.logger('dev')); // TODO: Get this from config
    app.use(allowCrossDomain);
    app.use(authcode(session));
    app.use(app.router);
    app.use(ping());
    app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
});

app.use('/auth', auth(config));
app.use('/user', user(config));
app.use('/hooks', receiver(config));

app.options('*', function(req, res) {
    res.send({success: true});
});

if (!module.parent) {
    var server = http.createServer(app);
    server.listen(config.api.port, config.api.ip);
    events.listen(server, config);
    console.log('Express is listening at [%s]:[%s]', config.api.ip, config.api.port);
}