Coder Social home page Coder Social logo

apis's Introduction

Security Note

All apis resources are by default fully CORS and JSONP available. You must use CSRF protection for all your authenticated requests (even for GET requests) and apis supports such protection by default too. Optionally, you can check Origin of your requests or disable CORS/JSONP functionality (completely or for choosen request handlers).

By default, apis philosophy is to allow cross-origin requests and be ready for them.

Also, by default, every resource will have 'options' handler providing resource description and it will not be protected by authentication or something. You can allways override this handler with null or your own variant.

Handlers

Handler interface:

  • setup(chain) - can be used to perform some interaction between handlers of chain, used by Impl and Ret
  • handle(ctx) - async handle, must not throw any exceptions, use ctx.error() instead, usually must call ctx.next() at some point

Test page

To get test page on /test_page add to your contract:

cont('/test', [apis.testPage.contract])

Apps known by Loader

  • app - app itself, will be searched at cwd()+'/lib/app'
  • cluster_master - cluster master app, will be searched at cwd()+'/lib/claster_master'
  • daemon_master - daemon start/stop app, will be searched at cwd()+'/lib/daemon_master'

For any app, if it cannot be found, apis default will be used.

Units known by Loader

  • core.app - known by app actually (which also is loader), the app itself

  • core.uncaught - uncaught exception handler

  • core.logging - logging subsystem

    • core.logging.engines.syslog - syslog logging engine

  • core.mechanics.web - web mechanics, enables responding on HTTP requests

  • core.mechanics.socket - socket mechanics, enables web socket communications, runs on top of web mechanics

    • core.mechanics.socket.stat - web socket statistics

  • core.settings - settings, will be searched at cwd()+'/lib/settings'

  • core.handler - main app contract, will be searched at cwd()+'/lib/contract'

For both core.settings and core.handler units, if unit cannot be found, apis default will be used.

REST notes

  • stateless all the way
  • GET must be cacheable !!!
    • think about url & args, how to provide cacheable structure
  • PUT vs POST
    • PUT is safe to repeat (example: update something)
    • POST is not safe to repeat - can create copies (example: create)
  • DELETE is safe to repeat (just ensures that it's deleted)

apis's People

Contributors

dimsmol avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.