clean up api a bit

nightscout · Jul 13, 2014 · 15b62d9 · 15b62d9
1 parent 44e6340
commit 15b62d9
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 119 deletions.
diff --git a/lib/api.js b/lib/api.js
@@ -9,13 +9,12 @@ var ENTRIES_DEFAULT_COUNT = 10;
 var ObjectID = require('mongodb').ObjectID;
 
 function api (env, store, entries, settings) {
-    var with_entries_collection = store.with_collection(env.mongo_collection);
-    var with_settings_collection = store.with_collection(env.settings_collection);
 
     var express = require('express'),
         api = express(),
         bodyParser = require('body-parser');
 
+    var verifyAuthorization = require('./middleware/verify-token')(env);
     api.set('title', 'Nightscout API v1');
     api.use(bodyParser.json());
     api.use(bodyParser.urlencoded({
@@ -97,127 +96,10 @@ function api (env, store, entries, settings) {
         }, json);
     });
 
-    function verifyAuthorization(req, res, next) {
-        // Retrieve the secret values to be compared.
-        var api_secret = env.api_secret;
-        var secret = req.params.secret ? req.params.secret : req.header('API_SECRET');
-
-        // Return an error message if the authorization fails.
-        var unauthorized = (typeof api_secret === 'undefined' || secret != api_secret);
-        if (unauthorized) {
-            sendJSONStatus(res, HTTP_UNAUTHORIZED, 'Unauthorized', 'API_SECRET Request Header is incorect or missing.');
-        } else {
-            next();
-        }
-
-        return unauthorized;
-    }
-
     return api;
 }
 module.exports = api;
 
-/*
-return;
-module.exports = function (env, entries, settings, entry_coll_fn, settings_coll_fn) {
-    with_entries_collection = entry_coll_fn;
-    with_settings_collection = settings_coll_fn;
-
-    var express = require('express'),
-        api = express(),
-        bodyParser = require('body-parser');
-
-    api.set('title', 'Nightscout API v1');
-    api.use(bodyParser.json());
-    api.use(bodyParser.urlencoded({
-        extended: true
-    }));
-    
-    api.get('/authorized/:secret/test', verifyAuthorization, function (req, res, next) {
-        return res.json({status: 'ok'});
-    });
-
-    api.get('/authorized/test', verifyAuthorization, function (req, res, next) {
-        return res.json({status: 'ok'});
-    });
-
-    api.get('/entries', function(req, res) {
-        // If "?count=" is present, use that number to decided how many to return.
-        var count = parseInt(req.query.count, 0) || ENTRIES_DEFAULT_COUNT;
-        getEntries(function(err, entries) {
-            if (err)
-                sendJSONStatus(res, HTTP_INTERNAL_ERROR, 'Mongo Error', err);
-            else
-                return res.json(entries);
-        }, count);
-    });
-
-    api.get('/entries/current', function(req, res) {
-        getEntries(function(err, entries) {
-            if (err)
-                sendJSONStatus(res, HTTP_INTERNAL_ERROR, 'Mongo Error', err);
-            else
-                return res.json(entries);
-        }, 1);
-    });
-
-    api.get('/entries/:id', function(req, res) {
-        getEntry(function(err, entry) {
-            if (err)
-                sendJSONStatus(res, HTTP_INTERNAL_ERROR, 'Mongo Error', err);
-            else
-                return res.json(entry);
-        }, req.params.id);
-    });
-
-    api.get('/settings', function(req, res) {
-        getSettings(function(err, settings) {
-            if (err)
-                sendJSONStatus(res, HTTP_INTERNAL_ERROR, 'Mongo Error', err);
-            else
-                return res.json(settings);
-        });
-    });
-
-    api.put('/settings', verifyAuthorization, function(req, res) {
-        // Retrieve the JSON formatted record.
-        var json = req.body;
-        //console.log(json);
-        
-        // Send the new settings to mongodb.
-        updateSettings(function(err, settings) {
-            if (err)
-                sendJSONStatus(res, HTTP_INTERNAL_ERROR, 'Mongo Error', err);
-            else {
-                // Add a warning to the outgoing status when HTTPS is not being used.
-                var warning = '';
-                if (req.secure === false)
-                    warning = 'WARNING: HTTPS is required to secure your data!';
-                
-                return sendJSONStatus(res, HTTP_OK, 'Settings update successful', settings, warning);
-            }
-        }, json);
-    });
-
-    function verifyAuthorization(req, res, next) {
-        // Retrieve the secret values to be compared.
-        var api_secret = env.api_secret;
-        var secret = req.params.secret ? req.params.secret : req.header('API_SECRET');
-
-        // Return an error message if the authorization fails.
-        var unauthorized = (typeof api_secret === 'undefined' || secret != api_secret);
-        if (unauthorized) {
-            sendJSONStatus(res, HTTP_UNAUTHORIZED, 'Unauthorized', 'API_SECRET Request Header is incorect or missing.');
-        } else {
-            next();
-        }
-
-        return unauthorized;
-    }
-    
-    return api;
-};
-*/
 
 ////////////////////////////////////////////////////////////////////////////////////////////////////
 // Define functions to CRUD data for the API

diff --git a/lib/middleware/verify-token.js b/lib/middleware/verify-token.js
@@ -0,0 +1,21 @@
+
+function configure (env) {
+    function verifyAuthorization(req, res, next) {
+        // Retrieve the secret values to be compared.
+        var api_secret = env.api_secret;
+        var secret = req.params.secret ? req.params.secret : req.header('API_SECRET');
+
+        // Return an error message if the authorization fails.
+        var unauthorized = (typeof api_secret === 'undefined' || secret != api_secret);
+        if (unauthorized) {
+            sendJSONStatus(res, HTTP_UNAUTHORIZED, 'Unauthorized', 'API_SECRET Request Header is incorect or missing.');
+        } else {
+            next();
+        }
+
+        return unauthorized;
+    }
+    return verifyAuthorization;
+
+}
+module.exports = configure;