@clocklimited/cf-api
v3.1.1
Published
A pluggable JSON API server
Downloads
106
Keywords
Readme
cf-api
A pluggable JSON API server
This is CatfishApi but without all of the bloat and a simple API to register plugins. Everything becomes a plugin.
Installation
npm install --save cf-api
Usage
var createApi = require('cf-api')
var api = createApi(options)
server = api.initialize()
server.get('/', homepage)
server.post('/form', submit)
// This tells the api that you've finished adding your routes
// and you now want it to add the error handling middleware
server.emit('preBoot')
server.listen(port)
API API
var api = createApi(Object: options)
Create an API instance. There are options available:
checkOrigin
- a function with the signaturefunction (url, cb) {}
to checkreq.headers.origin
.cb(null, true)
to allow andorigin
,cb(null, false)
to deny an origin. Defaults tocb(null, true)
for all requests, meaning all cross-domain requests are allowed. It is up to the user to implement their whitelist/blacklist.logger
- a logger object with methodsdebug()
,info()
,warn()
anderror()
(default:console
).maxBodySize
- an option to be passed along to the body-parser json middleware function. If this is a number it will be the number of bytes, otherwise it will be parsed by the bytes module (default:undefined
which falls back to the body parser default of'100kB'
).initialMiddleware
- an Express middleware function that will be used before all other middleware. Useful for Sentry error handlers.corsOptions
- an object with the following keys:exposeHeaders
- setsAccess-Control-Expose-Headers
For backwards compatibility, the allowedDomains
option still works and generates a checkOrigin
function for you.
api.initialize()
Create and return the server.
Changelog
3.1.1
- Cors header
Access-Control-Allow-Credentials
is now set totrue
3.1.0
- mis-tagged commit from unpulled work, unpublished.
3.0.0
express
is now installed as a peer dependency
2.6.0
- Allow setting cors options through initialisation options.
2.0.0
- Plugin interface now totally removed. Application components are registered outside of the scope of this module.
- User must call
server.emit('preBoot')
after all routes have been added to make tell the api to add the last piece of middleware: the error handler. This is due to a change in Express 4.
1.1.0
- API now allows binary request bodies as well as json
1.0.1
- Fixed cors middleware not terminating preflight requests. Do not use 1.0.0, please upgrade.
1.0.0
- Added
checkOrigin
option in place ofallowedDomains
. Latter is still supported for compatibility.
Pre 1.0.0
- Unstable!
Credits
Built by developers at Clock.
Licence
Licensed under the New BSD License