Web Services and Plugins - kkemple/awesome-enterprise-web-service GitHub Wiki

The web service is a Hapi application with an API and sockets support.

The API is set to run on port 8080 and sockets on 8081 by default. This can be changed via the HTTP_PORT and TCP_PORT environment variables.

Community Plugins

{
  "hapi-auth-basic": "^4.1.0",
  "hapi-auth-jwt2": "^5.8.0",
  "hapi-statsd": "^5.0.0",
  "hapi-swagger": "^5.0.1",
  "inert": "^3.2.0",
  "vision": "^4.1.0"
}

Custom Plugins

DB

The DB plugin is responsible for connecting to the database and attaching the ORM and any Models to the server.app object.

Models

- User
  - Hooks
    - beforeCreate: used to hash password before saving
    - beforeUpdate: used to hash password before saving
  - Static Methods
    - authenticate: used to authenticate a user via email and password
  - Instance Methods
    - toJSON: override toJSON to omit password in responses
    - activeTokens: gets all active tokens associated with a user
    - inactiveTokens: gets all inactive tokens associated with a user
- Token
  - Static Methods
    - tokenize: creates a token for a user
  - Instance Methods
    - isExpired: returns true if token is expired

Sockets

The sockets module is responsible for setting up secure connections to clients via socket.io. It supports the same JWT auth as the API, so users can access either with the same token. Connections that fail authentication are disconnected.

Hasher

The hasher plugin adds a server method for hashing passwords (server.methods.hash).

Auth

The auth plugin is responsible for managing authentication and authorization. There is support for both JWT (JSON Web Token) and Basic authentication. To access a secure endpoint via Basic auth, the client must either add the Basic auth header or include the credentials in the URL. If using JWTs, the client must send the token in the Authorization header.

Endpoints

POST /api/authenticate

This plugin also manages scopes that are attached to User roles. Using roles allows for finer-grained control over API access. The rules engine is very simple (really just a lookup), but it could easily be replaced. For more info, see src/plugins/api/auth/scopes.js.
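The role-to-scope lookup and the per-route scope check described above, as an added example in plain Node (this is not the project's own scopes.js; the role table and route subset are constructed from the endpoint lists on this page, and the check mirrors hapi's route scope semantics, which the page itself does not spell out):

```javascript
'use strict';

// Constructed role table (assumption): the real mapping lives in
// src/plugins/api/auth/scopes.js. Scope names are the ones used by the
// endpoint lists on this page.
const ROLE_SCOPES = {
  admin: ['users:read', 'users:create', 'users:write', 'users:delete', 'metrics:read'],
  operator: ['metrics:read', 'users:read'],
  user: ['users:read:current'],
};

// Subset of the routes on this page with their required scopes.
// null means the route runs with auth disabled.
const ROUTE_SCOPES = {
  'GET /api/healthcheck': null,
  'GET /api/metrics': ['metrics:read'],
  'GET /api/users': ['users:read'],
  'GET /api/users/current': ['users:read:current'],
  'DELETE /api/users/{id}': ['users:delete'],
};

// The "rules engine": a plain lookup from role to granted scopes.
function scopesForRole(role) {
  return ROLE_SCOPES[role] || [];
}

// hapi route scope semantics: plain entries are alternatives (any one
// suffices), '+scope' entries are all mandatory, '!scope' entries are
// forbidden. Credentials with no scope at all fail any scoped route.
function hasScope(credentialScopes, required) {
  if (!required) return true; // route has no scope restriction
  const have = new Set(credentialScopes || []);
  const forbidden = required.filter((s) => s.startsWith('!')).map((s) => s.slice(1));
  const mandatory = required.filter((s) => s.startsWith('+')).map((s) => s.slice(1));
  const anyOf = required.filter((s) => !/^[!+]/.test(s));
  if (forbidden.some((s) => have.has(s))) return false;
  if (!mandatory.every((s) => have.has(s))) return false;
  return anyOf.length === 0 || anyOf.some((s) => have.has(s));
}

// Deny by default: a route missing from the table is never authorized,
// so forgetting to register a route's scopes fails closed.
function canAccess(role, route) {
  if (!(route in ROUTE_SCOPES)) return false;
  return hasScope(scopesForRole(role), ROUTE_SCOPES[route]);
}
```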

Metrics

This plugin exposes metrics endpoints for gathering monitoring information about the application and underlying server.

Endpoints

GET /api/healthcheck (auth: disabled)
GET /api/metrics (scopes: ['metrics:read'])
GET /api/metrics/uptime (scopes: ['metrics:read'])
GET /api/metrics/totalmem (scopes: ['metrics:read'])
GET /api/metrics/loadavg (scopes: ['metrics:read'])
GET /api/metrics/serverload (scopes: ['metrics:read'])
GET /api/metrics/serverload/eventloopdelay (scopes: ['metrics:read'])
GET /api/metrics/serverload/heapused (scopes: ['metrics:read'])
GET /api/metrics/serverload/memused (scopes: ['metrics:read'])

Example Output

{
  "upTime": "2004s",
  "totalMem": "4143Mb",
  "loadAvg": [
    "Load: 0.01220703125, CPUs: 2",
    "Load: 0.072265625, CPUs: 2",
    "Load: 0.09716796875, CPUs: 2"
  ],
  "serverLoad": {
    "eventLoopDelay": "2.3214459996670485ms",
    "heapUsed": "45Mb",
    "memUsed": "79Mb"
  }
}

Users

The users plugin provides REST endpoints for basic CRUD operations on users.

Endpoints

GET /api/users (scopes: ['users:read'])
POST /api/users (scopes: ['users:create'])
GET /api/users/current (scopes: ['users:read:current'])
GET /api/users/current/tokens/active (scopes: ['users:read:current'])
GET /api/users/current/tokens/inactive (scopes: ['users:read:current'])
GET /api/users/{id} (scopes: ['users:read'])
GET /api/users/{id}/tokens/active (scopes: ['users:read'])
GET /api/users/{id}/tokens/inactive (scopes: ['users:read'])
PATCH /api/users/{id} (scopes: ['users:write'])
PUT /api/users/{id} (scopes: ['users:write'])
DELETE /api/users/{id} (scopes: ['users:delete'])