is in Beta now!
This service is for authenticate and authorization of WERBAS customers and interface-users. With this service, access rights and entrypoints to the WERBAS BO Server(s) are managed.
The authentication part of this service is going to check, whether
- the given debitorid exists
- the M2M user exists# WERBAS REST API
The Werbas REST API is based on REST spezifications.
Table of contents
To run this Docker container just run
docker run -d -e DB_HOST=<DATABASE HOST> -e DB_USER=<DATABASE USER> -e DB_PASSWORD=<DATABASE PASSWORD> -e WERBASDEBITOR=<WERBASDEBITORNUMBER> -e DB_NAME=<DATABASE NAME> -e DIRECTORY_URL=<DIRECTORY URL> -e EVENTLOGGER_URL=<EVENTLOGGER URL> -e SNOOPER_FORWARD_URL=<SNOOPER FORWARD URL> -p 8080:8080 werbasinnotec/werbas-rest
docker run -d -e DB_HOST=18.104.22.168 -e DB_USER=apiUser -e DB_PASSWORD=Kl7T+cd -e WERBASDEBITOR=334455 -e DB_NAME=WerbasWeb -e DIRECTORY_URL=https://directory.staging.werbasinnotec.com -e EVENTLOGGER_URL=https://eventlog.staging.werbasinnotec.com -e SNOOPER_FORWARD_URL=https://eventlog.staging.werbasinnotec.com/snooper -p 8080:8080 werbasinnotec/werbas-rest
For development follow gulp-commands are available:
This will run the default-tasks of gulp. At first eslint, and as second all mocha tests.
This will run gulp in watch-mode. On filechange gulp will run eslint as first, and as second all unit-tests.
This will run gulp with test-coverage
This will generate new certficates for jwt.
To set the configuration, set follow ENV-Variables:
- DB_HOST: Define the Host where the SQL-Server is reachable
- DB_USER: Define the SQL DB User
- DB_PASSWORD: Define the password by the SQL DB User
- WERBASDEBITOR: Define the Debitornumber of the werbas-customer
- DIRECTORY_URL: Define the URL where the Directory is reachable. Default is https://directory.dev.werbasinnotec.com
- EVENTLOGGER_URL: Define the URL where the Eventlogger reachable. Default is undefined.
- ENTRYPOINT: Define the URL where the service is reachable. This will forward to the directory on startup.
- TOKEN_LIFETIMEINHOURS: Define the lifetime for the Tokens in hours. (Default is 6 hours)
All functions in this repo are fetched with snooper. If you like log all information set follwo ENV-Varaibles:
- SNOOPER_FORWARD_URL: http://myhost.com
See the complete Module description of snooper.
This application will initialize the MS SQL Database at startup with the first init params. Here we uses follow steps:
- Test the connection to the database
- clean up all needed stored procedures from database
- create all needed stored procedures in database as new
The files that the procedures are investing stored in /server/helpers/database/sql
For all routes is an authtentication required. The authtentication follows over the route /authentication. To this route you will post the WERBAS username and password. Is this access correctly, you can get a token from the API. You need this token, to take the data from all the other routes. The validated token must be set up in the header of request.
- You must take a token via the /authentication POST route. In Body you must bring the WERBAS username an password
- The REST-API generate a new token.
- The API send the new token as response.
- For use the other routes, this token must be placed in the header authorization.
Copyright and license
Code and documentation copyright 2015 werbasinnotec GmbH. No License granted.
- the M2M passwordhash stored to the user fits to the given M2M user.
The authorization part of this service is used to check, whether
- the M2M user is allowed to use the REST-API in general
- the M2M user is active for the given debitorid
Any User of the REST-API on the BO-Server
- First needs to get a Directory-token from this RESSOURCE by handing over a
- gets back a M2M token if the above combination is properly authenticated and authorized. With this token the BO-SERVER URI (where to reach the workshops REST-API) is delivered as well. If the M2M user couldn't be authorized, instead of an M2M token an "unauthorized"-Message is sent back.
The Databasefiles are in datafolder of project. But it's ignore for github. You must set your own path in the mapping argument. Please install the mongoclient to connect the database on your linux-os.