The First Roast
Rebranding
The name changes to "roaster". A new library module of the same name is also the main entry point for users of this library now.
roaster:route#2
, roaster:route#3
for routing and roaster:respond#2
to roaster:respond#4
to control what is returned from a route handler.
The test application is now called "roasted" :)
Namespaces all start with http://e-editiones.org/roaster
And we added a logo for good measure.
Authentication
You can now define custom authentication handlers and pass them to roaster.
The function MUST return the user it has identified. That information is then added to the request map.
If a route has x-constraints with groups or users, the user information in the request map is checked if it matches.
If it does not an error will be returned.
That will already handle a great deal of authorization needs in the router itself. So, your route handlers can
already assume a valid and authorised user. Of course this can still be deferred to the route handler, for more
complex checks.
The test application has a second API definition file that shows how to extend an API with arbitrary middleware, how to add headers and how to add JWT authorisation as an example.
NOTE:
For the second API definition to work you will have to install crypto-lib in version 1.0.0 and exist-jwt from the public package repository.
BREAKING CHANGES:
- the use of
router:route
is discouraged, useroaster:route
instead. - the
$lookup
-function expects only one parameter and should not catch errors
ENHANCEMENTS:
- all errors are catched uniformly with additional information passed to error handlers
- enable arbitrary middleware to transform all incoming requests
- rewrite authentication as a middleware
- enables custom authentication strategies
- adds "user" property to request map
- rewrite parameter retrieval as a middleware
- return status code 405 for matching route but non-matching method
- throw errors:OPERATION on configuration errors in API definition
- log incoming and outgoing requests with unique request-id
- use gulp tasks for comfortable development and installation
FIXES:
- order catch statements by status code
- convert map:get to $map?($key)
- throw on wrong paths in router:resolve-ref
- change variable names to use snake-case where possible
- refactor module for readability
- split up modules by concern
- add tests for binary up and download