Refactoring of api routes

11 years ago · 5e18afe916
parent 166ce7d2ae
commit 5e18afe916
4 changed files with 60 additions and 46 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 6cc1502c8998332fc4409ea15e68e42c1724144b
+Subproject commit 733a9af6294c87acc72d1a519791e2be7d0f594f
--- a/pkg/api/api.go
+++ b/pkg/api/api.go
@ -7,61 +7,61 @@ import (
 	"github.com/torkelo/grafana-pro/pkg/setting"
 )

+// Register adds http routes
 func Register(m *macaron.Macaron) {
 	auth := middleware.Auth()

-	// index
+	// not logged in views
 	m.Get("/", auth, Index)
 	m.Post("/logout", LogoutPost)
 	m.Post("/login", LoginPost)
-
-	// login
 	m.Get("/login/:name", OAuthLogin)
 	m.Get("/login", Index)

-	// account
+	// authed views
 	m.Get("/account/", auth, Index)
-	m.Get("/api/account/", auth, GetAccount)
-	m.Post("/api/account/collaborators/add", auth, AddCollaborator)
-	m.Post("/api/account/using/:id", auth, SetUsingAccount)
-	m.Get("/api/account/others", auth, GetOtherAccounts)
-
-	// Token
-	m.Get("/api/tokens/list", auth, GetTokens)
-	m.Put("/api/tokens", auth, AddToken)
-	m.Post("/api/tokens", auth, UpdateToken)
-	m.Delete("/api/tokens/:id", auth, DeleteToken)
-
-	// data sources
-	m.Get("/acount/datasources/", auth, Index)
-	m.Get("/api/datasources/list", auth, GetDataSources)
-	m.Put("/api/datasources", auth, AddDataSource)
-	m.Post("/api/datasources", auth, UpdateDataSource)
-	m.Delete("/api/datasources/:id", auth, DeleteDataSource)
-
-	// system admin
+	m.Get("/account/datasources/", auth, Index)
 	m.Get("/admin", auth, Index)
+	m.Get("/dashboard/*", auth, Index)

-	// data source proxy
-	m.Any("/api/datasources/proxy/:id/*", auth, ProxyDataSourceRequest)
-
-	// User sign up
+	// sign up
 	m.Get("/signup", Index)
 	m.Post("/api/account/signup", SignUp)

-	// dashboards
-	m.Get("/dashboard/*", auth, Index)
-	m.Get("/api/dashboards/:slug", auth, GetDashboard)
-	m.Get("/api/search/", auth, Search)
-	m.Post("/api/dashboard/", auth, PostDashboard)
-	m.Delete("/api/dashboard/:slug", auth, DeleteDashboard)
+	// authed api
+	m.Group("/api", func() {
+		// account
+		m.Group("/account", func() {
+			m.Get("/", GetAccount)
+			m.Post("/collaborators/add", AddCollaborator)
+			m.Post("/using/:id", SetUsingAccount)
+			m.Get("/others", GetOtherAccounts)
+		})
+		// Token
+		m.Group("/tokens", func() {
+			m.Combo("/").Get(GetTokens).Put(AddToken).Post(UpdateToken)
+			m.Delete("/:id", DeleteToken)
+		})
+		// Data sources
+		m.Group("/datasources", func() {
+			m.Combo("/").Get(GetDataSources).Put(AddDataSource).Post(UpdateDataSource)
+			m.Delete("/:id", DeleteDataSource)
+			m.Any("/proxy/:id/*", auth, ProxyDataSourceRequest)
+		})
+		// Dashboard
+		m.Group("/dashboard", func() {
+			m.Combo("/:slug").Get(GetDashboard).Delete(DeleteDashboard)
+			m.Post("/", PostDashboard)
+		})
+		// Search
+		m.Get("/search/", Search)
+		// metrics
+		m.Get("/metrics/test", auth, GetTestMetrics)
+	}, auth)

 	// rendering
 	m.Get("/render/*", auth, RenderToPng)

-	// metrics
-	m.Get("/api/metrics/test", auth, GetTestMetrics)
-
 	m.NotFound(NotFound)
 }

@ -89,6 +89,11 @@ func Index(c *middleware.Context) {
 }

 func NotFound(c *middleware.Context) {
+	if c.IsApiRequest() {
+		c.JsonApiErr(200, "Not found", nil)
+		return
+	}
+
 	if err := setIndexViewData(c); err != nil {
 		c.Handle(500, "Failed to get settings", err)
 		return
--- a/pkg/middleware/auth.go
+++ b/pkg/middleware/auth.go
@ -2,25 +2,25 @@ package middleware

 import (
 	"errors"
-	"github.com/Unknwon/macaron"
-	"github.com/macaron-contrib/session"
 	"strconv"
 	"strings"

+	"github.com/Unknwon/macaron"
+
 	"github.com/torkelo/grafana-pro/pkg/bus"
 	m "github.com/torkelo/grafana-pro/pkg/models"
 	"github.com/torkelo/grafana-pro/pkg/setting"
 )

-func authGetRequestAccountId(c *Context, sess session.Store) (int64, error) {
-	accountId := sess.Get("accountId")
+func authGetRequestAccountId(c *Context) (int64, error) {
+	accountId := c.Session.Get("accountId")

 	urlQuery := c.Req.URL.Query()

 	// TODO: check that this is a localhost request
 	if len(urlQuery["render"]) > 0 {
 		accId, _ := strconv.ParseInt(urlQuery["accountId"][0], 10, 64)
-		sess.Set("accountId", accId)
+		c.Session.Set("accountId", accId)
 		accountId = accId
 	}

@ -36,6 +36,10 @@ func authGetRequestAccountId(c *Context, sess session.Store) (int64, error) {
 }

 func authDenied(c *Context) {
+	if c.IsApiRequest() {
+		c.JsonApiErr(401, "Access denied", nil)
+	}
+
 	c.Redirect(setting.AppSubUrl + "/login")
 }

@ -61,8 +65,8 @@ func authByToken(c *Context) {
 	c.Account = usingQuery.Result
 }

-func authBySession(c *Context, sess session.Store) {
-	accountId, err := authGetRequestAccountId(c, sess)
+func authBySession(c *Context) {
+	accountId, err := authGetRequestAccountId(c)

 	if err != nil && c.Req.URL.Path != "/login" {
 		authDenied(c)
@ -86,10 +90,10 @@ func authBySession(c *Context, sess session.Store) {
 }

 func Auth() macaron.Handler {
-	return func(c *Context, sess session.Store) {
+	return func(c *Context) {
 		authByToken(c)
 		if c.UserAccount == nil {
-			authBySession(c, sess)
+			authBySession(c)
 		}
 	}
 }
--- a/pkg/middleware/middleware.go
+++ b/pkg/middleware/middleware.go
@ -3,6 +3,7 @@ package middleware
 import (
 	"encoding/json"
 	"strconv"
+	"strings"

 	"github.com/Unknwon/macaron"
 	"github.com/macaron-contrib/session"
@ -62,6 +63,10 @@ func (ctx *Context) JsonOK(message string) {
 	ctx.JSON(200, resp)
 }

+func (ctx *Context) IsApiRequest() bool {
+	return strings.HasPrefix(ctx.Req.URL.Path, "/api")
+}
+
 func (ctx *Context) JsonApiErr(status int, message string, err error) {
 	resp := make(map[string]interface{})