Add API endpoints for container management through Launchpad #173
Conversation
Introduces a new router providing RESTful API endpoints for managing containers, including create, read, update, and delete operations with API key authentication. The new endpoints are mounted at the top level in server.js to support automation and API clients.
Removed api_containers.js and merged its API logic into containers.js. Now, API clients can interact with containers using Bearer token authentication on the main containers routes, supporting JSON responses for GET, POST, PUT, and DELETE operations. This unifies container management for both web and API clients and simplifies route maintenance.
Refactors the isApiRequest helper to detect API requests based on the Accept header instead of the Authorization header. This improves compatibility with clients expecting JSON responses.
Deleted the import of apiContainersRouter from server.js as it was not being used. This helps clean up the code and remove unnecessary dependencies.
|
|
||
| // GET /sites/:siteId/containers - List all containers for the logged-in user in this site | ||
| router.get('/', requireAuth, async (req, res) => { | ||
| router.get('/', async (req, res) => { |
There was a problem hiding this comment.
DO NOT REMOVE the requireAuth middleware. Login cookies and API keys are both validated by the requireAuth middleware and is 100% nessecary to maintain security.
|
|
||
| // PUT /sites/:siteId/containers/:id - Update container services | ||
| router.put('/:id', requireAuth, async (req, res) => { | ||
| router.put('/:id', async (req, res) => { |
There was a problem hiding this comment.
DO NOT REMOVE the requireAuth middleware. Login cookies and API keys are both validated by the requireAuth middleware and is 100% nessecary to maintain security.
|
|
||
| // DELETE /sites/:siteId/containers/:id - Delete a container | ||
| router.delete('/:id', requireAuth, async (req, res) => { | ||
| router.delete('/:id', async (req, res) => { |
There was a problem hiding this comment.
DO NOT REMOVE the requireAuth middleware. Login cookies and API keys are both validated by the requireAuth middleware and is 100% nessecary to maintain security.
| router.get('/', requireAuth, async (req, res) => { | ||
| router.get('/', async (req, res) => { | ||
| // If called by API clients using Bearer token, return JSON instead of HTML | ||
| if (isApiRequest(req)) { |
There was a problem hiding this comment.
Instead of duplicating work in this if branch, replace the other returns in this function depending on whether this is an API request. As an example, we currently have return res.redirect('/sites'); on line 75, replace that with:
if (isApiRequest(req)) {
return res.status(404).json({error: "Site not found"});
} else {
return res.redirect('/sites');
}
And, on line 158 we have return res.render(... which could be replaced with
if (isApiRequest(req)) {
return res.json({containers: rows});
} else {
return res.render(...);
}
| }); | ||
|
|
||
| // Helper to detect API bearer requests | ||
| function isApiRequest(req) { |
There was a problem hiding this comment.
As is, this should be moved to a util function and imported here instead of living in this file.
| // Validate site exists | ||
| const site = await Site.findByPk(siteId); | ||
| if (!site) { | ||
| if (isApiRequest(req)) return res.status(404).json({ error: 'Site not found' }); |
There was a problem hiding this comment.
No change needed here, just wanted to point it out as a good example of how the isApiRequest should be being used per my previous comment.
| // TODO: build the container async in a Job | ||
| try { | ||
| // If API client (Bearer token), perform a lightweight create and return JSON | ||
| if (isApiRequest(req)) { |
There was a problem hiding this comment.
Refer to previous comment about only changing the return values for API requests and not creating new logic within if branches.
| const siteId = parseInt(req.params.siteId, 10); | ||
| const containerId = parseInt(req.params.id, 10); | ||
| // API clients may update container metadata via Bearer token | ||
| if (isApiRequest(req)) { |
There was a problem hiding this comment.
See previous comments about return locations.
| const siteId = parseInt(req.params.siteId, 10); | ||
| const containerId = parseInt(req.params.id, 10); | ||
| // If API request, perform lightweight delete and return JSON/204 | ||
| if (isApiRequest(req)) { |
There was a problem hiding this comment.
See previous comments about return locations.
| const sitesRouter = require('./routers/sites'); // Includes nested nodes and containers routers | ||
| const jobsRouter = require('./routers/jobs'); | ||
| // expose API endpoints before HTML routes so they respond at top-level | ||
| app.use('/', apiContainersRouter); |
There was a problem hiding this comment.
No longer used, needs removed.
Issue: #172
Introduces a new router providing RESTful API endpoints for managing containers, including create, read, update, and delete operations with API key authentication. The new endpoints are mounted at the top level in server.js to support automation and API clients.
Files changed:
api_containers.js : new API router (GET/POST/PUT/DELETE /containers) with Bearer API key auth.
server.js:1 : mounts the new router at top-level so /containers is available.