1
0
mirror of https://github.com/pocketbase/pocketbase.git synced 2024-11-25 01:16:21 +02:00
pocketbase/apis/base.go

267 lines
7.1 KiB
Go
Raw Normal View History

2022-07-06 23:19:05 +02:00
// Package apis implements the default PocketBase api services and middlewares.
package apis
import (
2023-07-18 11:33:18 +02:00
"database/sql"
2022-10-30 10:28:14 +02:00
"errors"
2022-07-06 23:19:05 +02:00
"fmt"
"io/fs"
2023-11-26 13:33:17 +02:00
"log/slog"
2022-07-06 23:19:05 +02:00
"net/http"
"net/url"
"path/filepath"
"strings"
2023-11-26 13:33:17 +02:00
"time"
2022-07-06 23:19:05 +02:00
"github.com/labstack/echo/v5"
"github.com/labstack/echo/v5/middleware"
"github.com/pocketbase/pocketbase/core"
"github.com/pocketbase/pocketbase/tools/rest"
2022-07-06 23:19:05 +02:00
"github.com/pocketbase/pocketbase/ui"
"github.com/spf13/cast"
2022-07-06 23:19:05 +02:00
)
const trailedAdminPath = "/_/"
2022-07-06 23:19:05 +02:00
// InitApi creates a configured echo instance with registered
// system and app specific routes and middlewares.
func InitApi(app core.App) (*echo.Echo, error) {
e := echo.New()
2023-11-26 13:33:17 +02:00
e.Debug = false
e.Binder = &rest.MultiBinder{}
e.JSONSerializer = &rest.Serializer{
FieldsParam: fieldsQueryParam,
}
2022-07-06 23:19:05 +02:00
// configure a custom router
e.ResetRouterCreator(func(ec *echo.Echo) echo.Router {
return echo.NewRouter(echo.RouterConfig{
UnescapePathParamValues: true,
AllowOverwritingRoute: true,
})
})
2022-07-06 23:19:05 +02:00
// default middlewares
e.Pre(middleware.RemoveTrailingSlashWithConfig(middleware.RemoveTrailingSlashConfig{
Skipper: func(c echo.Context) bool {
// enable by default only for the API routes
return !strings.HasPrefix(c.Request().URL.Path, "/api/")
},
}))
e.Pre(LoadAuthContext(app))
2022-07-06 23:19:05 +02:00
e.Use(middleware.Recover())
e.Use(middleware.Secure())
2023-11-26 13:33:17 +02:00
e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
c.Set(ContextExecStartKey, time.Now())
return next(c)
}
})
2022-07-06 23:19:05 +02:00
// custom error handler
e.HTTPErrorHandler = func(c echo.Context, err error) {
if err == nil {
return // no error
}
2022-10-30 10:28:14 +02:00
var apiErr *ApiError
2022-07-06 23:19:05 +02:00
if errors.As(err, &apiErr) {
2023-11-26 13:33:17 +02:00
// already an api error...
} else if v := new(echo.HTTPError); errors.As(err, &v) {
2022-07-06 23:19:05 +02:00
msg := fmt.Sprintf("%v", v.Message)
2022-10-30 10:28:14 +02:00
apiErr = NewApiError(v.Code, msg, v)
} else {
if errors.Is(err, sql.ErrNoRows) {
2023-07-18 11:33:18 +02:00
apiErr = NewNotFoundError("", err)
} else {
apiErr = NewBadRequestError("", err)
}
2022-07-06 23:19:05 +02:00
}
2023-11-26 13:33:17 +02:00
logRequest(app, c, apiErr)
if c.Response().Committed {
return // already committed
2023-11-26 13:33:17 +02:00
}
event := new(core.ApiErrorEvent)
event.HttpContext = c
event.Error = apiErr
2022-07-06 23:19:05 +02:00
// send error response
2022-12-02 16:36:15 +02:00
hookErr := app.OnBeforeApiError().Trigger(event, func(e *core.ApiErrorEvent) error {
2023-11-26 13:33:17 +02:00
if e.HttpContext.Response().Committed {
return nil
}
// @see https://github.com/labstack/echo/issues/608
2022-12-02 16:36:15 +02:00
if e.HttpContext.Request().Method == http.MethodHead {
return e.HttpContext.NoContent(apiErr.Code)
}
return e.HttpContext.JSON(apiErr.Code, apiErr)
})
if hookErr == nil {
2023-11-26 13:33:17 +02:00
if err := app.OnAfterApiError().Trigger(event); err != nil {
app.Logger().Debug("OnAfterApiError failure", slog.String("error", err.Error()))
}
2023-11-26 13:33:17 +02:00
} else {
app.Logger().Debug("OnBeforeApiError error (truly rare case, eg. client already disconnected)", slog.String("error", hookErr.Error()))
2022-07-06 23:19:05 +02:00
}
}
// admin ui routes
bindStaticAdminUI(app, e)
2022-07-06 23:19:05 +02:00
// default routes
api := e.Group("/api", eagerRequestInfoCache(app))
2022-10-30 10:28:14 +02:00
bindSettingsApi(app, api)
bindAdminApi(app, api)
bindCollectionApi(app, api)
bindRecordCrudApi(app, api)
bindRecordAuthApi(app, api)
bindFileApi(app, api)
bindRealtimeApi(app, api)
bindLogsApi(app, api)
2022-12-11 17:32:43 +02:00
bindHealthApi(app, api)
2023-05-13 21:10:14 +02:00
bindBackupApi(app, api)
2022-07-06 23:19:05 +02:00
// catch all any route
api.Any("/*", func(c echo.Context) error {
return echo.ErrNotFound
}, ActivityLogger(app))
return e, nil
}
// StaticDirectoryHandler is similar to `echo.StaticDirectoryHandler`
// but without the directory redirect which conflicts with RemoveTrailingSlash middleware.
//
2022-10-30 10:28:14 +02:00
// If a file resource is missing and indexFallback is set, the request
// will be forwarded to the base index.html (useful also for SPA).
//
2022-07-06 23:19:05 +02:00
// @see https://github.com/labstack/echo/issues/2211
2022-10-30 10:28:14 +02:00
func StaticDirectoryHandler(fileSystem fs.FS, indexFallback bool) echo.HandlerFunc {
2022-07-06 23:19:05 +02:00
return func(c echo.Context) error {
p := c.PathParam("*")
2022-10-30 10:28:14 +02:00
// escape url path
tmpPath, err := url.PathUnescape(p)
if err != nil {
return fmt.Errorf("failed to unescape path variable: %w", err)
2022-07-06 23:19:05 +02:00
}
2022-10-30 10:28:14 +02:00
p = tmpPath
2022-07-06 23:19:05 +02:00
// fs.FS.Open() already assumes that file names are relative to FS root path and considers name with prefix `/` as invalid
name := filepath.ToSlash(filepath.Clean(strings.TrimPrefix(p, "/")))
2022-10-30 10:28:14 +02:00
fileErr := c.FileFS(name, fileSystem)
if fileErr != nil && indexFallback && errors.Is(fileErr, echo.ErrNotFound) {
return c.FileFS("index.html", fileSystem)
}
return fileErr
2022-07-06 23:19:05 +02:00
}
}
// bindStaticAdminUI registers the endpoints that serves the static admin UI.
func bindStaticAdminUI(app core.App, e *echo.Echo) error {
// redirect to trailing slash to ensure that relative urls will still work properly
e.GET(
strings.TrimRight(trailedAdminPath, "/"),
func(c echo.Context) error {
return c.Redirect(http.StatusTemporaryRedirect, strings.TrimLeft(trailedAdminPath, "/"))
},
)
// serves static files from the /ui/dist directory
// (similar to echo.StaticFS but with gzip middleware enabled)
e.GET(
trailedAdminPath+"*",
echo.StaticDirectoryHandler(ui.DistDirFS, false),
installerRedirect(app),
uiCacheControl(),
middleware.Gzip(),
)
return nil
}
func uiCacheControl() echo.MiddlewareFunc {
return func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
// add default Cache-Control header for all Admin UI resources
// (ignoring the root admin path)
if c.Request().URL.Path != trailedAdminPath {
c.Response().Header().Set("Cache-Control", "max-age=1209600, stale-while-revalidate=86400")
}
return next(c)
}
}
}
const hasAdminsCacheKey = "@hasAdmins"
func updateHasAdminsCache(app core.App) error {
total, err := app.Dao().TotalAdmins()
if err != nil {
return err
}
2023-11-26 13:33:17 +02:00
app.Store().Set(hasAdminsCacheKey, total > 0)
return nil
}
// installerRedirect redirects the user to the installer admin UI page
// when the application needs some preliminary configurations to be done.
func installerRedirect(app core.App) echo.MiddlewareFunc {
// keep hasAdminsCacheKey value up-to-date
app.OnAdminAfterCreateRequest().Add(func(data *core.AdminCreateEvent) error {
return updateHasAdminsCache(app)
})
app.OnAdminAfterDeleteRequest().Add(func(data *core.AdminDeleteEvent) error {
return updateHasAdminsCache(app)
})
return func(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error {
// skip redirect checks for non-root level index.html requests
path := c.Request().URL.Path
if path != trailedAdminPath && path != trailedAdminPath+"index.html" {
return next(c)
}
2023-11-26 13:33:17 +02:00
hasAdmins := cast.ToBool(app.Store().Get(hasAdminsCacheKey))
if !hasAdmins {
// update the cache to make sure that the admin wasn't created by another process
if err := updateHasAdminsCache(app); err != nil {
return err
}
2023-11-26 13:33:17 +02:00
hasAdmins = cast.ToBool(app.Store().Get(hasAdminsCacheKey))
}
_, hasInstallerParam := c.Request().URL.Query()["installer"]
if !hasAdmins && !hasInstallerParam {
// redirect to the installer page
return c.Redirect(http.StatusTemporaryRedirect, "?installer#")
}
if hasAdmins && hasInstallerParam {
// clear the installer param
return c.Redirect(http.StatusTemporaryRedirect, "?")
}
return next(c)
}
}
}