2018-03-10 15:09:04 -05:00
|
|
|
// @flow
|
|
|
|
|
2018-03-11 10:27:16 -05:00
|
|
|
import type {IAuth, IStorageHandler} from '../../../types';
|
2018-03-10 15:09:04 -05:00
|
|
|
import type {Config} from '@verdaccio/types';
|
|
|
|
|
|
|
|
import express from 'express';
|
|
|
|
import bodyParser from 'body-parser';
|
|
|
|
import whoami from './api/whoami';
|
|
|
|
import ping from './api/ping';
|
|
|
|
import user from './api/user';
|
|
|
|
import distTags from './api/dist-tags';
|
|
|
|
import publish from './api/publish';
|
|
|
|
import search from './api/search';
|
|
|
|
import pkg from './api/package';
|
|
|
|
|
2018-04-30 08:41:04 -05:00
|
|
|
const {match, validateName, validatePackage, encodeScopePackage, anti_loop} = require('../middleware');
|
2017-06-21 12:02:52 -05:00
|
|
|
|
2018-03-11 10:27:16 -05:00
|
|
|
export default function(config: Config, auth: IAuth, storage: IStorageHandler) {
|
2017-06-21 12:02:52 -05:00
|
|
|
/* eslint new-cap:off */
|
|
|
|
const app = express.Router();
|
|
|
|
/* eslint new-cap:off */
|
|
|
|
|
|
|
|
// validate all of these params as a package name
|
|
|
|
// this might be too harsh, so ask if it causes trouble
|
2018-03-11 10:27:16 -05:00
|
|
|
// $FlowFixMe
|
2018-03-10 17:13:26 -05:00
|
|
|
app.param('package', validatePackage);
|
2018-03-11 10:27:16 -05:00
|
|
|
// $FlowFixMe
|
2018-04-30 08:41:04 -05:00
|
|
|
app.param('filename', validateName);
|
|
|
|
app.param('tag', validateName);
|
|
|
|
app.param('version', validateName);
|
|
|
|
app.param('revision', validateName);
|
|
|
|
app.param('token', validateName);
|
2017-06-21 12:02:52 -05:00
|
|
|
|
|
|
|
// these can't be safely put into express url for some reason
|
|
|
|
// TODO: For some reason? what reason?
|
|
|
|
app.param('_rev', match(/^-rev$/));
|
|
|
|
app.param('org_couchdb_user', match(/^org\.couchdb\.user:/));
|
|
|
|
app.param('anything', match(/.*/));
|
|
|
|
|
2018-04-30 08:13:54 -05:00
|
|
|
app.use(auth.apiJWTmiddleware());
|
2017-06-21 12:02:52 -05:00
|
|
|
app.use(bodyParser.json({strict: false, limit: config.max_body_size || '10mb'}));
|
2018-03-10 17:13:26 -05:00
|
|
|
app.use(anti_loop(config));
|
2017-06-21 12:02:52 -05:00
|
|
|
// encode / in a scoped package name to be matched as a single parameter in routes
|
|
|
|
app.use(encodeScopePackage);
|
|
|
|
// for "npm whoami"
|
|
|
|
whoami(app);
|
|
|
|
pkg(app, auth, storage, config);
|
|
|
|
search(app, auth, storage);
|
|
|
|
user(app, auth);
|
|
|
|
distTags(app, auth, storage);
|
|
|
|
publish(app, auth, storage, config);
|
|
|
|
ping(app);
|
|
|
|
|
|
|
|
return app;
|
2018-03-10 17:13:26 -05:00
|
|
|
}
|