Public | Automated Build

Last pushed: a year ago
Short Description
temporary rest-api
Full Description

Systems-Management

is in Beta now!

This service is for authenticate and authorization of WERBAS customers and interface-users. With this service, access rights and entrypoints to the WERBAS BO Server(s) are managed.

Authentication

The authentication part of this service is going to check, whether

  • the given debitorid exists
  • the M2M user exists# WERBAS REST API

The Werbas REST API is based on REST spezifications.

Table of contents

Normal StartUp

To run this Docker container just run

docker run -d -e DB_HOST=<DATABASE HOST> -e DB_USER=<DATABASE USER> -e DB_PASSWORD=<DATABASE PASSWORD> -e WERBASDEBITOR=<WERBASDEBITORNUMBER> -e DB_NAME=<DATABASE NAME> -e DIRECTORY_URL=<DIRECTORY URL> -e EVENTLOGGER_URL=<EVENTLOGGER URL> -e SNOOPER_FORWARD_URL=<SNOOPER FORWARD URL> -p 8080:8080 werbasinnotec/werbas-rest

E.g.:

docker run -d -e DB_HOST=172.168.12.43 -e DB_USER=apiUser -e DB_PASSWORD=Kl7T+cd -e WERBASDEBITOR=334455 -e DB_NAME=WerbasWeb -e DIRECTORY_URL=https://directory.staging.werbasinnotec.com -e EVENTLOGGER_URL=https://eventlog.staging.werbasinnotec.com -e SNOOPER_FORWARD_URL=https://eventlog.staging.werbasinnotec.com/snooper -p 8080:8080 werbasinnotec/werbas-rest

Gulp

For development follow gulp-commands are available:

gulp

This will run the default-tasks of gulp. At first eslint, and as second all mocha tests.

gulp watch

This will run gulp in watch-mode. On filechange gulp will run eslint as first, and as second all unit-tests.

gulp coverage

This will run gulp with test-coverage

gulp generateCertificate

This will generate new certficates for jwt.

Configuration

To set the configuration, set follow ENV-Variables:

  • DB_HOST: Define the Host where the SQL-Server is reachable
  • DB_USER: Define the SQL DB User
  • DB_PASSWORD: Define the password by the SQL DB User
  • WERBASDEBITOR: Define the Debitornumber of the werbas-customer
  • DIRECTORY_URL: Define the URL where the Directory is reachable. Default is https://directory.dev.werbasinnotec.com
  • EVENTLOGGER_URL: Define the URL where the Eventlogger reachable. Default is undefined.
  • ENTRYPOINT: Define the URL where the service is reachable. This will forward to the directory on startup.
  • TOKEN_LIFETIMEINHOURS: Define the lifetime for the Tokens in hours. (Default is 6 hours)

Snooper forwarding

All functions in this repo are fetched with snooper. If you like log all information set follwo ENV-Varaibles:

See the complete Module description of snooper.

Initializing procedure

This application will initialize the MS SQL Database at startup with the first init params. Here we uses follow steps:

  1. Test the connection to the database
  2. clean up all needed stored procedures from database
  3. create all needed stored procedures in database as new

The files that the procedures are investing stored in /server/helpers/database/sql

Authentication

For all routes is an authtentication required. The authtentication follows over the route /authentication. To this route you will post the WERBAS username and password. Is this access correctly, you can get a token from the API. You need this token, to take the data from all the other routes. The validated token must be set up in the header of request.

Authentication Process

  1. You must take a token via the /authentication POST route. In Body you must bring the WERBAS username an password
  2. The REST-API generate a new token.
  3. The API send the new token as response.
  4. For use the other routes, this token must be placed in the header authorization.

Copyright and license

Code and documentation copyright 2015 werbasinnotec GmbH. No License granted.

  • the M2M passwordhash stored to the user fits to the given M2M user.

Authorization

The authorization part of this service is used to check, whether

  • the M2M user is allowed to use the REST-API in general
  • the M2M user is active for the given debitorid

Process

Any User of the REST-API on the BO-Server

  1. First needs to get a Directory-token from this RESSOURCE by handing over a
    • username
    • password
    • systemid
  2. gets back a M2M token if the above combination is properly authenticated and authorized. With this token the BO-SERVER URI (where to reach the workshops REST-API) is delivered as well. If the M2M user couldn't be authorized, instead of an M2M token an "unauthorized"-Message is sent back.

The Databasefiles are in datafolder of project. But it's ignore for github. You must set your own path in the mapping argument. Please install the mongoclient to connect the database on your linux-os.

Docker Pull Command
Owner
werbasinnotec
Source Repository

Comments (0)