camicroscope/caracal

By camicroscope

Updated over 1 year ago

Consolidated Backend, Auth, and Security Services for caMicroscope

camicroscope: a web-based image viewer optimized for large bio-medical image data viewing

Caracal

Consolidated Attribute Registry, Access Control, and Loader proxy

routes

The routes.json file sets up each route as an entry in a list; the entries are applied on startup, in order. Static routes simply describe folders to host statically, and require "method" set to static and "use" set to the folder to host. Other routes require "method" to be set to a supported HTTP method (e.g. get, post), the route prefix as "route", and a list of "handlers". Each handler should have "args" set to the initialization arguments for the handler, and "function" set to the handler's registered name.

Routes are set up in this way primarily so that caMicroscope deployments can be customized, but this also means that caracal can be used for entirely different projects.

Handlers

Handlers are the specific functions designed for use by routes. They should follow the pattern handler(...args) = function(req, res, next).

Environment variables Used

All possible configuration variables are listed in .env.example. Renaming the file to .env will inject all the environment variables.

| variable | description | default |
|---|---|---|
| WORKERS | number of child processes | 4 |
| JWK_URL | jwks url for id provider | (required) |
| PORT | the port to use | 4010 |
| AUD | jwt audience to accept | (if unset, does not check) |
| ISS | jwt issuer to accept | (if unset, does not check) |
| EXPIRY | expire in time for jwks | 1d |
| DISABLE_SEC | set truthy to disable permission and login handlers | false |
| DISABLE_CSP | set truthy to disable content security policy headers | false |
| ALLOW_PUBLIC | set truthy to allow public users | false |
| IIP_PATH | IIP server location | http://ca-iip |
| MONGO_URI | mongo connection uri | mongodb://localhost |
| MONGO_DB | mongo db to use | camic |
| GENERATE_KEY_IF_MISSING | automatically generate a key on the server if not found | false |
| ENABLE_SECURITY_AT | time at which to enable security; see parsable times | (not active) |

files used

key/key and key/key.pub are used for internal jwts for this service. You can use key/make_key.sh to generate these, or otherwise add your own. ./ssl/privatekey.pem and ./ssl/certificate.pem are used to enable SSL; if these are present, this application will start in SSL/HTTPS mode. The CSP headers are generated from contentSecurityPolicy.json.

User property variables

These are set in userFunction and injected into the token.

userType -- Null, Editor, Admin as userTypes (e.g. Admin can create users, Editor can create marks, Null can't create anything except logs)

userFilter -- list of values which must be present in given field in filtered data responses

Special filter values

** -- immune to filters (can see everything)

Public -- users with no userFilter are assigned this filter

An item with no filter value is returned in all cases, and is thus also public.
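The filter rules above, written as a handler in the handler(...args) = function(req, res, next) shape. This is an added example, not Caracal's own code: filterHandler, req.userFilter, req.data and the "filter" field name are hypothetical, and it assumes an item is visible when at least one of its filter values appears in the user's userFilter list.

```javascript
// Added example (not Caracal's code). All names here are hypothetical.
const IMMUNE = '**';      // special value: immune to filters
const PUBLIC = 'Public';  // assigned to users with no userFilter

// Users whose token carries no userFilter are assigned the Public filter.
function effectiveFilter(userFilter) {
  if (!Array.isArray(userFilter) || userFilter.length === 0) return [PUBLIC];
  return userFilter.map(String);
}

// Decide whether a single item may be returned to a user with this filter.
function isVisible(item, field, filter) {
  if (filter.includes(IMMUNE)) return true; // "**" can see everything
  const raw = item[field];
  const empty = raw === undefined || raw === null || raw === '' ||
    (Array.isArray(raw) && raw.length === 0);
  if (empty) return true; // an item with no filter value is public
  const values = Array.isArray(raw) ? raw : [raw];
  // Assumption: one matching value is enough to grant access.
  return values.some((v) => filter.includes(String(v)));
}

// Handler factory: "args" from the route config become the closure's parameters.
function filterHandler(field) {
  return function (req, res, next) {
    const filter = effectiveFilter(req.userFilter);
    req.data = (req.data || []).filter((item) => isVisible(item, field, filter));
    next();
  };
}

// Constructed sample records, not real caMicroscope data.
const SLIDES = [
  { name: 'a', filter: ['teamA'] },
  { name: 'b', filter: 'teamB' },
  { name: 'c' },                      // no filter value
  { name: 'd', filter: ['Public'] },
];

// Run the handler against a fake request and report what survives.
function visibleNames(userFilter) {
  const req = { userFilter, data: SLIDES.slice() };
  filterHandler('filter')(req, {}, () => {});
  return req.data.map((s) => s.name).join(',');
}

console.log(visibleNames(['teamA']), visibleNames(undefined), visibleNames(['**']));
```

Under this interpretation a user with an explicit userFilter does not see items tagged Public unless Public is also in their list.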

Local Development Environment

In order to quickly set up a development environment, use the setup_script.sh script. It sets up the project, initializes and seeds the database configurations, imports routes, initializes the environment config files, and generates the required keys.

First clone the Caracal (backup-dev branch), caMicroscope and the Distro repositories and make sure that all of them are in the same parent directory.

Run the script with ./setup_script.sh or bash ./setup_script.sh

The script is configured to load a database named "camic" from the server at "127.0.0.1". To specify a different name and host, pass the two when calling the script, like ./setup_script.sh custom_host custom_database_name

Run npm start to start the application and see it running at localhost:4010

Docker Pull Command

docker pull camicroscope/caracal