FoundKey/packages/backend/src/server/api/api-handler.ts

import Koa from 'koa';

import { IEndpoint } from './endpoints.js';
import authenticate, { AuthenticationError } from './authenticate.js';
import call from './call.js';
import { ApiError } from './error.js';

export async function handler(endpoint: IEndpoint, ctx: Koa.Context): Promise<void> {
	const body = ctx.is('multipart/form-data')
		? (ctx.request as any).body
		: ctx.method === 'GET'
			? ctx.query
			: ctx.request.body;

	const error = (e: ApiError): void => {
		ctx.status = e.httpStatusCode;
		if (e.httpStatusCode === 401) {
			ctx.response.set('WWW-Authenticate', 'Bearer');
		}
		ctx.body = {
			error: {
				message: e!.message,
				code: e!.code,
				...(e!.info ? { info: e!.info } : {}),
				endpoint: endpoint.name,
			},
		};
	}

	// Authentication
	// for GET requests, do not even pass on the body parameter as it is considered unsafe
	await authenticate(ctx.headers.authorization, ctx.method === 'GET' ? null : body['i']).then(async ([user, app]) => {
		// API invoking
		await call(endpoint.name, user, app, body, ctx).then((res: any) => {
			if (ctx.method === 'GET' && endpoint.meta.cacheSec && !body['i'] && !user) {
				ctx.set('Cache-Control', `public, max-age=${endpoint.meta.cacheSec}`);
			}
			if (res == null) {
				ctx.status = 204;
			} else {
				ctx.status = 200;
				// If a string is returned, it must be passed through JSON.stringify to be recognized as JSON.
				ctx.body = typeof res === 'string' ? JSON.stringify(res) : res;
			}
		}).catch((e: ApiError) => {
			error(e);
		});
	}).catch(e => {
		if (e instanceof AuthenticationError) {
			error(new ApiError('AUTHENTICATION_FAILED', e.message));
		} else {
			error(new ApiError());
		}
	});
};
refactor: Use ESM (#8358) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip 2022-02-27 02:07:39 +00:00			`import Koa from 'koa';`
Initial commit :four_leaf_clover: 2016-12-28 22:49:51 +00:00
refactor: Use ESM (#8358) * wip * wip * fix * clean up * Update tsconfig.json * Update activitypub.ts * wip 2022-02-27 02:07:39 +00:00			`import { IEndpoint } from './endpoints.js';`
			`import authenticate, { AuthenticationError } from './authenticate.js';`
			`import call from './call.js';`
			`import { ApiError } from './error.js';`
Initial commit :four_leaf_clover: 2016-12-28 22:49:51 +00:00
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`export async function handler(endpoint: IEndpoint, ctx: Koa.Context): Promise<void> {`
feat: allow GET for some endpoints Resolve #8263 2022-06-25 09:26:31 +00:00			`const body = ctx.is('multipart/form-data')`
fix #8894 2022-06-26 08:38:50 +00:00			`? (ctx.request as any).body`
feat: allow GET for some endpoints Resolve #8263 2022-06-25 09:26:31 +00:00			`: ctx.method === 'GET'`
			`? ctx.query`
			`: ctx.request.body;`
wip 2018-04-13 02:44:39 +00:00
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`const error = (e: ApiError): void => {`
server: refactor ApiError to store error descriptions centrally The UUIDs are no longer used for errors and all errors should now have a descriptive message attached to them. Also, all errors should now have the proper HTTP status code for a reply instead of the generic 400 and 500 response codes. Because the errors all have more specific error codes, the "kind" of client or server is also abolished. 2022-10-20 21:04:24 +00:00			`ctx.status = e.httpStatusCode;`
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`if (e.httpStatusCode === 401) {`
			`ctx.response.set('WWW-Authenticate', 'Bearer');`
ストリーム経由でAPIにリクエストできるように 2018-04-11 08:40:01 +00:00			`}`
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`ctx.body = {`
			`error: {`
			`message: e!.message,`
			`code: e!.code,`
			`...(e!.info ? { info: e!.info } : {}),`
			`endpoint: endpoint.name,`
			`},`
			`};`
			`}`
ストリーム経由でAPIにリクエストできるように 2018-04-11 08:40:01 +00:00
Fix typo: Authetication -> Authentication 2017-02-27 07:14:41 +00:00			`// Authentication`
add OAuth 2.0 Bearer Token authentication 2022-07-18 15:41:08 +00:00			`// for GET requests, do not even pass on the body parameter as it is considered unsafe`
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`await authenticate(ctx.headers.authorization, ctx.method === 'GET' ? null : body['i']).then(async ([user, app]) => {`
Refactor 2019-02-22 05:46:49 +00:00			`// API invoking`
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`await call(endpoint.name, user, app, body, ctx).then((res: any) => {`
feat: allow GET for some endpoints Resolve #8263 2022-06-25 09:26:31 +00:00			`if (ctx.method === 'GET' && endpoint.meta.cacheSec && !body['i'] && !user) {`
			ctx.set('Cache-Control', `public, max-age=${endpoint.meta.cacheSec}`);
			`}`
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`if (res == null) {`
			`ctx.status = 204;`
			`} else {`
			`ctx.status = 200;`
			`// If a string is returned, it must be passed through JSON.stringify to be recognized as JSON.`
			`ctx.body = typeof res === 'string' ? JSON.stringify(res) : res;`
			`}`
strictNullChecks (#4666) * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip * wip 2019-04-12 16:43:22 +00:00			`}).catch((e: ApiError) => {`
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`error(e);`
Refactor 2019-02-22 05:46:49 +00:00			`});`
API AuthenticateでDB接続エラーなどが発生するとログアウトさせられてしまうのを修正 Fix #7603 (#7604) 2021-07-17 15:53:16 +00:00			`}).catch(e => {`
			`if (e instanceof AuthenticationError) {`
server: refactor ApiError to store error descriptions centrally The UUIDs are no longer used for errors and all errors should now have a descriptive message attached to them. Also, all errors should now have the proper HTTP status code for a reply instead of the generic 400 and 500 response codes. Because the errors all have more specific error codes, the "kind" of client or server is also abolished. 2022-10-20 21:04:24 +00:00			`error(new ApiError('AUTHENTICATION_FAILED', e.message));`
API AuthenticateでDB接続エラーなどが発生するとログアウトさせられてしまうのを修正 Fix #7603 (#7604) 2021-07-17 15:53:16 +00:00			`} else {`
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`error(new ApiError());`
API AuthenticateでDB接続エラーなどが発生するとログアウトさせられてしまうのを修正 Fix #7603 (#7604) 2021-07-17 15:53:16 +00:00			`}`
Refactor 2019-02-22 05:46:49 +00:00			`});`
server: refactor API handler and returning errors This refactors the API handler to not use default exports, be async instead of constructing a promise and modify how errors are returned. 2022-10-23 11:34:37 +00:00			`};`