gallery.accords-library.com/client/js/api.js

'use strict';

const nprogress = require('nprogress');
const cookies = require('js-cookie');
const request = require('superagent');
const config = require('./config.js');
const events = require('./events.js');

class Api extends events.EventTarget {
    constructor() {
        super();
        this.user = null;
        this.userName = null;
        this.userPassword = null;
        this.cache = {};
        this.allRanks = [
            'anonymous',
            'restricted',
            'regular',
            'power',
            'moderator',
            'administrator',
            'nobody',
        ];
        this.rankNames = new Map([
            ['anonymous', 'Anonymous'],
            ['restricted', 'Restricted user'],
            ['regular', 'Regular user'],
            ['power', 'Power user'],
            ['moderator', 'Moderator'],
            ['administrator', 'Administrator'],
            ['nobody', 'Nobody'],
        ]);
    }

    get(url, options) {
        if (url in this.cache) {
            return new Promise((resolve, reject) => {
                resolve(this.cache[url]);
            });
        }
        return this._process(url, request.get, {}, {}, options)
            .then(response => {
                this.cache[url] = response;
                return Promise.resolve(response);
            });
    }

    post(url, data, files, options) {
        this.cache = {};
        return this._process(url, request.post, data, files, options);
    }

    put(url, data, files, options) {
        this.cache = {};
        return this._process(url, request.put, data, files, options);
    }

    delete(url, data, options) {
        this.cache = {};
        return this._process(url, request.delete, data, {}, options);
    }

    _process(url, requestFactory, data, files, options) {
        options = options || {};
        const [fullUrl, query] = this._getFullUrl(url);

        let abortFunction = null;

        let promise = new Promise((resolve, reject) => {
            let req = requestFactory(fullUrl);

            req.set('Accept', 'application/json');
            if (query) {
                req.query(query);
            }
            if (data) {
                req.attach('metadata', new Blob([JSON.stringify(data)]));
            }
            if (files) {
                for (let key of Object.keys(files)) {
                    req.attach(key, files[key] || new Blob());
                }
            }
            try {
                if (this.userName && this.userPassword) {
                    req.auth(
                        this.userName,
                        encodeURIComponent(this.userPassword)
                            .replace(/%([0-9A-F]{2})/g, (match, p1) => {
                                return String.fromCharCode('0x' + p1);
                            }));
                }
            } catch (e) {
                reject({
                    title: 'Authentication error',
                    description: 'Malformed credentials'});
            }

            if (!options.noProgress) {
                nprogress.start();
            }

            abortFunction = () => {
                req.abort();  // does *NOT* call the callback passed in .end()
                nprogress.done();
                reject({
                    title: 'Cancelled',
                    description:
                        'The request was aborted due to user cancel.'});
            };

            req.end((error, response) => {
                nprogress.done();
                if (error) {
                    reject(response && response.body ? response.body : {
                        title: 'Networking error',
                        description: error.message});
                } else {
                    resolve(response.body);
                }
            });
        });

        promise.abort = () => abortFunction();

        return promise;
    }

    hasPrivilege(lookup) {
        let minViableRank = null;
        for (let privilege of Object.keys(config.privileges)) {
            if (!privilege.startsWith(lookup)) {
                continue;
            }
            const rankName = config.privileges[privilege];
            const rankIndex = this.allRanks.indexOf(rankName);
            if (minViableRank === null || rankIndex < minViableRank) {
                minViableRank = rankIndex;
            }
        }
        if (minViableRank === null) {
            throw `Bad privilege name: ${lookup}`;
        }
        let myRank = this.user !== null ?
            this.allRanks.indexOf(this.user.rank) :
            0;
        return myRank >= minViableRank;
    }

    loginFromCookies() {
        return new Promise((resolve, reject) => {
            const auth = cookies.getJSON('auth');
            if (auth && auth.user && auth.password) {
                this.login(auth.user, auth.password, true)
                    .then(resolve)
                    .catch(errorMessage => {
                        reject(errorMessage);
                    });
            } else {
                resolve();
            }
        });
    }

    login(userName, userPassword, doRemember) {
        this.cache = {};
        return new Promise((resolve, reject) => {
            this.userName = userName;
            this.userPassword = userPassword;
            this.get('/user/' + userName + '?bump-login=true')
                .then(response => {
                    const options = {};
                    if (doRemember) {
                        options.expires = 365;
                    }
                    cookies.set(
                        'auth',
                        {'user': userName, 'password': userPassword},
                        options);
                    this.user = response;
                    resolve();
                    this.dispatchEvent(new CustomEvent('login'));
                }, response => {
                    reject(response.description || response || 'Unknown error');
                    this.logout();
                });
        });
    }

    logout() {
        this.user = null;
        this.userName = null;
        this.userPassword = null;
        this.dispatchEvent(new CustomEvent('logout'));
    }

    forget() {
        cookies.remove('auth');
    }

    isLoggedIn(user) {
        if (user) {
            return this.userName !== null &&
                this.userName.toLowerCase() === user.name.toLowerCase();
        } else {
            return this.userName !== null;
        }
    }

    _getFullUrl(url) {
        const fullUrl =
            (config.apiUrl + '/' + url).replace(/([^:])\/+/g, '$1/');
        const matches = fullUrl.match(/^([^?]*)\??(.*)$/);
        const baseUrl = matches[1];
        const request = matches[2];
        return [baseUrl, request];
    }
}

module.exports = new Api();
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00			`'use strict';`

client/general: add nprogress to API calls 2016-05-08 16:57:55 +00:00			`const nprogress = require('nprogress');`
client/api: move cookies management to API 2016-04-08 08:01:32 +00:00			`const cookies = require('js-cookie');`
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00			`const request = require('superagent');`
			`const config = require('./config.js');`
client/api: convert messages to events 2016-04-07 17:03:49 +00:00			`const events = require('./events.js');`
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00
client/general: refactor control flow - Controller lifetime is bound to route lifetime - View lifetime is bound to controller lifetime - Control lifetime is bound to view lifetime - Enhanced event dispatching - Enhanced responsiveness in some places - Views communicate user input to controllers via new event system 2016-06-14 08:31:48 +00:00			`class Api extends events.EventTarget {`
front/auth: move auth state to API 2016-03-30 18:45:37 +00:00			`constructor() {`
client/general: refactor control flow - Controller lifetime is bound to route lifetime - View lifetime is bound to controller lifetime - Control lifetime is bound to view lifetime - Enhanced event dispatching - Enhanced responsiveness in some places - Views communicate user input to controllers via new event system 2016-06-14 08:31:48 +00:00			`super();`
front/auth: implement privileges + top nav auth 2016-03-30 20:05:57 +00:00			`this.user = null;`
front/auth: move auth state to API 2016-03-30 18:45:37 +00:00			`this.userName = null;`
			`this.userPassword = null;`
client/api: cache API requests Specifically, cache all GET requests until first POST/PUT/DELETE request. 2016-04-11 16:45:58 +00:00			`this.cache = {};`
server/users: hardcode available ranks 2016-05-08 14:59:25 +00:00			`this.allRanks = [`
			`'anonymous',`
			`'restricted',`
			`'regular',`
			`'power',`
			`'moderator',`
			`'administrator',`
			`'nobody',`
			`];`
client/general: replace direct API with models 2016-06-19 17:16:40 +00:00			`this.rankNames = new Map([`
			`['anonymous', 'Anonymous'],`
			`['restricted', 'Restricted user'],`
			`['regular', 'Regular user'],`
			`['power', 'Power user'],`
			`['moderator', 'Moderator'],`
			`['administrator', 'Administrator'],`
			`['nobody', 'Nobody'],`
			`]);`
front/auth: move auth state to API 2016-03-30 18:45:37 +00:00			`}`

client/api: let caller disable nprogress 2016-05-22 09:16:25 +00:00			`get(url, options) {`
client/api: cache API requests Specifically, cache all GET requests until first POST/PUT/DELETE request. 2016-04-11 16:45:58 +00:00			`if (url in this.cache) {`
			`return new Promise((resolve, reject) => {`
			`resolve(this.cache[url]);`
			`});`
			`}`
client/api: let caller disable nprogress 2016-05-22 09:16:25 +00:00			`return this._process(url, request.get, {}, {}, options)`
			`.then(response => {`
			`this.cache[url] = response;`
			`return Promise.resolve(response);`
			`});`
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00			`}`

client/api: let caller disable nprogress 2016-05-22 09:16:25 +00:00			`post(url, data, files, options) {`
client/api: cache API requests Specifically, cache all GET requests until first POST/PUT/DELETE request. 2016-04-11 16:45:58 +00:00			`this.cache = {};`
client/api: let caller disable nprogress 2016-05-22 09:16:25 +00:00			`return this._process(url, request.post, data, files, options);`
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00			`}`

client/api: let caller disable nprogress 2016-05-22 09:16:25 +00:00			`put(url, data, files, options) {`
client/api: cache API requests Specifically, cache all GET requests until first POST/PUT/DELETE request. 2016-04-11 16:45:58 +00:00			`this.cache = {};`
client/api: let caller disable nprogress 2016-05-22 09:16:25 +00:00			`return this._process(url, request.put, data, files, options);`
client/users: implement account settings (Without avatars yet.) 2016-04-07 20:54:45 +00:00			`}`

client/general: use resource versioning 2016-08-06 20:44:04 +00:00			`delete(url, data, options) {`
client/api: cache API requests Specifically, cache all GET requests until first POST/PUT/DELETE request. 2016-04-11 16:45:58 +00:00			`this.cache = {};`
client/general: use resource versioning 2016-08-06 20:44:04 +00:00			`return this._process(url, request.delete, data, {}, options);`
client/users: add user deletion 2016-04-09 07:52:00 +00:00			`}`

client/api: let caller disable nprogress 2016-05-22 09:16:25 +00:00			`_process(url, requestFactory, data, files, options) {`
			`options = options \|\| {};`
client/general: improve URL escaping Specifically, cater for /, + and % in URL components. 2016-09-03 23:25:19 +00:00			`const [fullUrl, query] = this._getFullUrl(url);`
client/posts: add upload cancelling 2016-09-29 19:36:59 +00:00
			`let abortFunction = null;`

			`let promise = new Promise((resolve, reject) => {`
client/users: support avatar changing 2016-04-10 13:55:56 +00:00			`let req = requestFactory(fullUrl);`
client/posts: add upload cancelling 2016-09-29 19:36:59 +00:00
			`req.set('Accept', 'application/json');`
client/general: improve URL escaping Specifically, cater for /, + and % in URL components. 2016-09-03 23:25:19 +00:00			`if (query) {`
			`req.query(query);`
			`}`
client/users: support avatar changing 2016-04-10 13:55:56 +00:00			`if (data) {`
			`req.attach('metadata', new Blob([JSON.stringify(data)]));`
			`}`
			`if (files) {`
			`for (let key of Object.keys(files)) {`
client/posts: add custom thumbnail discarding 2016-07-31 21:54:29 +00:00			`req.attach(key, files[key] \|\| new Blob());`
client/users: support avatar changing 2016-04-10 13:55:56 +00:00			`}`
			`}`
client/api: fix reporting errors for bad logins 2016-09-24 06:49:07 +00:00			`try {`
			`if (this.userName && this.userPassword) {`
			`req.auth(`
			`this.userName,`
client/api: support Unicode passwords 2016-09-24 06:49:47 +00:00			`encodeURIComponent(this.userPassword)`
			`.replace(/%([0-9A-F]{2})/g, (match, p1) => {`
			`return String.fromCharCode('0x' + p1);`
			`}));`
client/api: fix reporting errors for bad logins 2016-09-24 06:49:07 +00:00			`}`
			`} catch (e) {`
			`reject({`
			`title: 'Authentication error',`
			`description: 'Malformed credentials'});`
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00			`}`
client/posts: add upload cancelling 2016-09-29 19:36:59 +00:00
			`if (!options.noProgress) {`
			`nprogress.start();`
			`}`

			`abortFunction = () => {`
			`req.abort(); // does NOT call the callback passed in .end()`
			`nprogress.done();`
			`reject({`
			`title: 'Cancelled',`
			`description:`
			`'The request was aborted due to user cancel.'});`
			`};`

			`req.end((error, response) => {`
			`nprogress.done();`
			`if (error) {`
			`reject(response && response.body ? response.body : {`
			`title: 'Networking error',`
			`description: error.message});`
			`} else {`
			`resolve(response.body);`
			`}`
			`});`
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00			`});`
client/posts: add upload cancelling 2016-09-29 19:36:59 +00:00
			`promise.abort = () => abortFunction();`

			`return promise;`
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00			`}`

front/auth: implement privileges + top nav auth 2016-03-30 20:05:57 +00:00			`hasPrivilege(lookup) {`
			`let minViableRank = null;`
			`for (let privilege of Object.keys(config.privileges)) {`
			`if (!privilege.startsWith(lookup)) {`
			`continue;`
			`}`
			`const rankName = config.privileges[privilege];`
server/users: hardcode available ranks 2016-05-08 14:59:25 +00:00			`const rankIndex = this.allRanks.indexOf(rankName);`
front/auth: implement privileges + top nav auth 2016-03-30 20:05:57 +00:00			`if (minViableRank === null \|\| rankIndex < minViableRank) {`
			`minViableRank = rankIndex;`
			`}`
			`}`
			`if (minViableRank === null) {`
client/general: make fatal errors fatal 2016-06-11 07:30:22 +00:00			throw `Bad privilege name: ${lookup}`;
front/auth: implement privileges + top nav auth 2016-03-30 20:05:57 +00:00			`}`
			`let myRank = this.user !== null ?`
server/users: hardcode available ranks 2016-05-08 14:59:25 +00:00			`this.allRanks.indexOf(this.user.rank) :`
front/auth: implement privileges + top nav auth 2016-03-30 20:05:57 +00:00			`0;`
			`return myRank >= minViableRank;`
front/auth: move auth state to API 2016-03-30 18:45:37 +00:00			`}`

client/api: move cookies management to API 2016-04-08 08:01:32 +00:00			`loginFromCookies() {`
			`return new Promise((resolve, reject) => {`
			`const auth = cookies.getJSON('auth');`
			`if (auth && auth.user && auth.password) {`
			`this.login(auth.user, auth.password, true)`
			`.then(resolve)`
			`.catch(errorMessage => {`
			`reject(errorMessage);`
			`});`
			`} else {`
			`resolve();`
			`}`
			`});`
			`}`

			`login(userName, userPassword, doRemember) {`
client/api: fix cache not cleared on login This led to weird anomalies when logging with valid password and then with invalid one. 2016-06-19 19:37:44 +00:00			`this.cache = {};`
front/auth: implement cookie support 2016-03-30 19:01:18 +00:00			`return new Promise((resolve, reject) => {`
			`this.userName = userName;`
			`this.userPassword = userPassword;`
server/users: track login time 2016-04-03 13:12:15 +00:00			`this.get('/user/' + userName + '?bump-login=true')`
front/auth: implement privileges + top nav auth 2016-03-30 20:05:57 +00:00			`.then(response => {`
client/api: move cookies management to API 2016-04-08 08:01:32 +00:00			`const options = {};`
			`if (doRemember) {`
			`options.expires = 365;`
			`}`
			`cookies.set(`
			`'auth',`
			`{'user': userName, 'password': userPassword},`
			`options);`
server/general: flatten responses 2016-05-30 20:20:42 +00:00			`this.user = response;`
front/auth: implement privileges + top nav auth 2016-03-30 20:05:57 +00:00			`resolve();`
client/general: refactor control flow - Controller lifetime is bound to route lifetime - View lifetime is bound to controller lifetime - Control lifetime is bound to view lifetime - Enhanced event dispatching - Enhanced responsiveness in some places - Views communicate user input to controllers via new event system 2016-06-14 08:31:48 +00:00			`this.dispatchEvent(new CustomEvent('login'));`
client/api: fix cache not cleared on login This led to weird anomalies when logging with valid password and then with invalid one. 2016-06-19 19:37:44 +00:00			`}, response => {`
client/api: fix reporting errors for bad logins 2016-09-24 06:49:07 +00:00			`reject(response.description \|\| response \|\| 'Unknown error');`
front/auth: implement cookie support 2016-03-30 19:01:18 +00:00			`this.logout();`
			`});`
			`});`
front/auth: move auth state to API 2016-03-30 18:45:37 +00:00			`}`

			`logout() {`
front/registration: add welcome message 2016-04-01 11:09:07 +00:00			`this.user = null;`
front/auth: move auth state to API 2016-03-30 18:45:37 +00:00			`this.userName = null;`
			`this.userPassword = null;`
client/general: refactor control flow - Controller lifetime is bound to route lifetime - View lifetime is bound to controller lifetime - Control lifetime is bound to view lifetime - Enhanced event dispatching - Enhanced responsiveness in some places - Views communicate user input to controllers via new event system 2016-06-14 08:31:48 +00:00			`this.dispatchEvent(new CustomEvent('logout'));`
front/auth: move auth state to API 2016-03-30 18:45:37 +00:00			`}`

client/api: fix removing cookies on login failures 2016-04-09 17:53:53 +00:00			`forget() {`
			`cookies.remove('auth');`
			`}`

server/api: refactor + remove ID from user JSON 2016-04-16 13:07:33 +00:00			`isLoggedIn(user) {`
			`if (user) {`
			`return this.userName !== null &&`
			`this.userName.toLowerCase() === user.name.toLowerCase();`
			`} else {`
			`return this.userName !== null;`
			`}`
front/auth: move auth state to API 2016-03-30 18:45:37 +00:00			`}`

client/general: refactor all the things - Move controls to the "controls/" directory - Make controls interface look similar to each other - Prefix "private" methods and attributes with underscore 2016-05-20 19:35:12 +00:00			`_getFullUrl(url) {`
client/general: improve URL escaping Specifically, cater for /, + and % in URL components. 2016-09-03 23:25:19 +00:00			`const fullUrl =`
			`(config.apiUrl + '/' + url).replace(/([^:])\/+/g, '$1/');`
			`const matches = fullUrl.match(/^([^?])\??(.)$/);`
			`const baseUrl = matches[1];`
			`const request = matches[2];`
			`return [baseUrl, request];`
front/auth+users: implement talking to backend 2016-03-28 20:33:20 +00:00			`}`
			`}`

front/general: replace manual DI with require(...) 2016-03-31 22:20:34 +00:00			`module.exports = new Api();`