diff --git a/versioned_docs/version-4.5/developers/applications/define-routes.md b/versioned_docs/version-4.5/developers/applications/define-routes.md deleted file mode 100644 index c442f9f1..00000000 --- a/versioned_docs/version-4.5/developers/applications/define-routes.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: Define Fastify Routes ---- - -# Define Fastify Routes - -Harper’s applications provide an extension for loading [Fastify](https://www.fastify.io/) routes as a way to handle endpoints. While we generally recommend building your endpoints/APIs with Harper's [REST interface](../rest) for better performance and standards compliance, Fastify's route can provide an extensive API for highly customized path handling. Below is a very simple example of a route declaration. - -The fastify route handler can be configured in your application's config.yaml (this is the default config if you used the [application template](https://github.com/HarperDB/application-template)): - -```yaml -fastifyRoutes: # This loads files that define fastify routes using fastify's auto-loader - files: routes/*.js # specify the location of route definition modules - path: . # relative to the app-name, like https://server/app-name/route-name -``` - -By default, route URLs are configured to be: - -- \[**Instance URL**]:\[**HTTP Port**]/\[**Project Name**]/\[**Route URL**] - -However, you can specify the path to be `/` if you wish to have your routes handling the root path of incoming URLs. - -- The route below, using the default config, within the **dogs** project, with a route of **breeds** would be available at **[http://localhost:9926/dogs/breeds](http://localhost:9926/dogs/breeds)**. - -In effect, this route is just a pass-through to Harper. The same result could have been achieved by hitting the core Harper API, since it uses **hdbCore.preValidation** and **hdbCore.request**, which are defined in the "helper methods" section, below. - -```javascript -export default async (server, { hdbCore, logger }) => { - server.route({ - url: '/', - method: 'POST', - preValidation: hdbCore.preValidation, - handler: hdbCore.request, - }); -}; -``` - -## Custom Handlers - -For endpoints where you want to execute multiple operations against Harper, or perform additional processing (like an ML classification, or an aggregation, or a call to a 3rd party API), you can define your own logic in the handler. The function below will execute a query against the dogs table, and filter the results to only return those dogs over 4 years in age. - -**IMPORTANT: This route has NO preValidation and uses hdbCore.requestWithoutAuthentication, which- as the name implies- bypasses all user authentication. See the security concerns and mitigations in the "helper methods" section, below.** - -```javascript -export default async (server, { hdbCore, logger }) => { - server.route({ - url: '/:id', - method: 'GET', - handler: (request) => { - request.body= { - operation: 'sql', - sql: `SELECT * FROM dev.dog WHERE id = ${request.params.id}` - }; - - const result = await hdbCore.requestWithoutAuthentication(request); - return result.filter((dog) => dog.age > 4); - } - }); -} -``` - -## Custom preValidation Hooks - -The simple example above was just a pass-through to Harper- the exact same result could have been achieved by hitting the core Harper API. But for many applications, you may want to authenticate the user using custom logic you write, or by conferring with a 3rd party service. Custom preValidation hooks let you do just that. - -Below is an example of a route that uses a custom validation hook: - -```javascript -import customValidation from '../helpers/customValidation'; - -export default async (server, { hdbCore, logger }) => { - server.route({ - url: '/:id', - method: 'GET', - preValidation: (request) => customValidation(request, logger), - handler: (request) => { - request.body = { - operation: 'sql', - sql: `SELECT * FROM dev.dog WHERE id = ${request.params.id}`, - }; - - return hdbCore.requestWithoutAuthentication(request); - }, - }); -}; -``` - -Notice we imported customValidation from the **helpers** directory. To include a helper, and to see the actual code within customValidation, see [Helper Methods](./define-routes#helper-methods). - -## Helper Methods - -When declaring routes, you are given access to 2 helper methods: hdbCore and logger. - -**hdbCore** - -hdbCore contains three functions that allow you to authenticate an inbound request, and execute operations against Harper directly, by passing the standard Operations API. - -- **preValidation** - - This is an array of functions used for fastify authentication. The second function takes the authorization header from the inbound request and executes the same authentication as the standard Harper Operations API (for example, `hdbCore.preValidation[1](./req, resp, callback)`). It will determine if the user exists, and if they are allowed to perform this operation. **If you use the request method, you have to use preValidation to get the authenticated user**. - -- **request** - - This will execute a request with Harper using the operations API. The `request.body` should contain a standard Harper operation and must also include the `hdb_user` property that was in `request.body` provided in the callback. - -- **requestWithoutAuthentication** - - Executes a request against Harper without any security checks around whether the inbound user is allowed to make this request. For security purposes, you should always take the following precautions when using this method: - - Properly handle user-submitted values, including url params. User-submitted values should only be used for `search_value` and for defining values in records. Special care should be taken to properly escape any values if user-submitted values are used for SQL. - -**logger** - -This helper allows you to write directly to the log file, hdb.log. It’s useful for debugging during development, although you may also use the console logger. There are 5 functions contained within logger, each of which pertains to a different **logging.level** configuration in your harperdb-config.yaml file. - -- logger.trace(‘Starting the handler for /dogs’) -- logger.debug(‘This should only fire once’) -- logger.warn(‘This should never ever fire’) -- logger.error(‘This did not go well’) -- logger.fatal(‘This did not go very well at all’) diff --git a/versioned_docs/version-4.5/developers/components/built-in.md b/versioned_docs/version-4.5/developers/components/built-in.md index b7f4498e..bb89efe9 100644 --- a/versioned_docs/version-4.5/developers/components/built-in.md +++ b/versioned_docs/version-4.5/developers/components/built-in.md @@ -7,7 +7,6 @@ title: Built-In Components Harper provides extended features using built-in components. They do **not** need to be installed with a package manager, and simply must be specified in a config to run. These are used throughout many Harper docs, guides, and examples. Unlike external components which have their own semantic versions, built-in components follow Harper's semantic version. - [Built-In Components](#built-in-components) - - [fastifyRoutes](#fastifyroutes) - [graphql](#graphql) - [graphqlSchema](#graphqlschema) - [jsResource](#jsresource) @@ -20,19 +19,6 @@ Harper provides extended features using built-in components. They do **not** nee -## fastifyRoutes - -Specify custom endpoints using [Fastify](https://fastify.dev/). - -This component is a [Resource Extension](./reference#resource-extension) and can be configured with the [`files`, `path`, and `root`](./reference#resource-extension-configuration) configuration options. - -Complete documentation for this feature is available here: [Define Fastify Routes](../applications/define-routes) - -```yaml -fastifyRoutes: - files: './routes/*.js' -``` - ## graphql > GraphQL querying is **experimental**, and only partially implements the GraphQL Over HTTP / GraphQL specifications. diff --git a/versioned_docs/version-4.6/developers/applications/define-routes.md b/versioned_docs/version-4.6/developers/applications/define-routes.md deleted file mode 100644 index c442f9f1..00000000 --- a/versioned_docs/version-4.6/developers/applications/define-routes.md +++ /dev/null @@ -1,119 +0,0 @@ ---- -title: Define Fastify Routes ---- - -# Define Fastify Routes - -Harper’s applications provide an extension for loading [Fastify](https://www.fastify.io/) routes as a way to handle endpoints. While we generally recommend building your endpoints/APIs with Harper's [REST interface](../rest) for better performance and standards compliance, Fastify's route can provide an extensive API for highly customized path handling. Below is a very simple example of a route declaration. - -The fastify route handler can be configured in your application's config.yaml (this is the default config if you used the [application template](https://github.com/HarperDB/application-template)): - -```yaml -fastifyRoutes: # This loads files that define fastify routes using fastify's auto-loader - files: routes/*.js # specify the location of route definition modules - path: . # relative to the app-name, like https://server/app-name/route-name -``` - -By default, route URLs are configured to be: - -- \[**Instance URL**]:\[**HTTP Port**]/\[**Project Name**]/\[**Route URL**] - -However, you can specify the path to be `/` if you wish to have your routes handling the root path of incoming URLs. - -- The route below, using the default config, within the **dogs** project, with a route of **breeds** would be available at **[http://localhost:9926/dogs/breeds](http://localhost:9926/dogs/breeds)**. - -In effect, this route is just a pass-through to Harper. The same result could have been achieved by hitting the core Harper API, since it uses **hdbCore.preValidation** and **hdbCore.request**, which are defined in the "helper methods" section, below. - -```javascript -export default async (server, { hdbCore, logger }) => { - server.route({ - url: '/', - method: 'POST', - preValidation: hdbCore.preValidation, - handler: hdbCore.request, - }); -}; -``` - -## Custom Handlers - -For endpoints where you want to execute multiple operations against Harper, or perform additional processing (like an ML classification, or an aggregation, or a call to a 3rd party API), you can define your own logic in the handler. The function below will execute a query against the dogs table, and filter the results to only return those dogs over 4 years in age. - -**IMPORTANT: This route has NO preValidation and uses hdbCore.requestWithoutAuthentication, which- as the name implies- bypasses all user authentication. See the security concerns and mitigations in the "helper methods" section, below.** - -```javascript -export default async (server, { hdbCore, logger }) => { - server.route({ - url: '/:id', - method: 'GET', - handler: (request) => { - request.body= { - operation: 'sql', - sql: `SELECT * FROM dev.dog WHERE id = ${request.params.id}` - }; - - const result = await hdbCore.requestWithoutAuthentication(request); - return result.filter((dog) => dog.age > 4); - } - }); -} -``` - -## Custom preValidation Hooks - -The simple example above was just a pass-through to Harper- the exact same result could have been achieved by hitting the core Harper API. But for many applications, you may want to authenticate the user using custom logic you write, or by conferring with a 3rd party service. Custom preValidation hooks let you do just that. - -Below is an example of a route that uses a custom validation hook: - -```javascript -import customValidation from '../helpers/customValidation'; - -export default async (server, { hdbCore, logger }) => { - server.route({ - url: '/:id', - method: 'GET', - preValidation: (request) => customValidation(request, logger), - handler: (request) => { - request.body = { - operation: 'sql', - sql: `SELECT * FROM dev.dog WHERE id = ${request.params.id}`, - }; - - return hdbCore.requestWithoutAuthentication(request); - }, - }); -}; -``` - -Notice we imported customValidation from the **helpers** directory. To include a helper, and to see the actual code within customValidation, see [Helper Methods](./define-routes#helper-methods). - -## Helper Methods - -When declaring routes, you are given access to 2 helper methods: hdbCore and logger. - -**hdbCore** - -hdbCore contains three functions that allow you to authenticate an inbound request, and execute operations against Harper directly, by passing the standard Operations API. - -- **preValidation** - - This is an array of functions used for fastify authentication. The second function takes the authorization header from the inbound request and executes the same authentication as the standard Harper Operations API (for example, `hdbCore.preValidation[1](./req, resp, callback)`). It will determine if the user exists, and if they are allowed to perform this operation. **If you use the request method, you have to use preValidation to get the authenticated user**. - -- **request** - - This will execute a request with Harper using the operations API. The `request.body` should contain a standard Harper operation and must also include the `hdb_user` property that was in `request.body` provided in the callback. - -- **requestWithoutAuthentication** - - Executes a request against Harper without any security checks around whether the inbound user is allowed to make this request. For security purposes, you should always take the following precautions when using this method: - - Properly handle user-submitted values, including url params. User-submitted values should only be used for `search_value` and for defining values in records. Special care should be taken to properly escape any values if user-submitted values are used for SQL. - -**logger** - -This helper allows you to write directly to the log file, hdb.log. It’s useful for debugging during development, although you may also use the console logger. There are 5 functions contained within logger, each of which pertains to a different **logging.level** configuration in your harperdb-config.yaml file. - -- logger.trace(‘Starting the handler for /dogs’) -- logger.debug(‘This should only fire once’) -- logger.warn(‘This should never ever fire’) -- logger.error(‘This did not go well’) -- logger.fatal(‘This did not go very well at all’) diff --git a/versioned_docs/version-4.6/reference/components/built-in-extensions.md b/versioned_docs/version-4.6/reference/components/built-in-extensions.md index 49ec5fcb..f107cf11 100644 --- a/versioned_docs/version-4.6/reference/components/built-in-extensions.md +++ b/versioned_docs/version-4.6/reference/components/built-in-extensions.md @@ -9,7 +9,6 @@ Harper provides extended features using built-in extensions. They do **not** nee For more information read the [Components, Applications, and Extensions](../../developers/applications/) documentation section. - [Built-In Extensions](#built-in-extensions) - - [fastifyRoutes](#fastifyroutes) - [graphql](#graphql) - [graphqlSchema](#graphqlschema) - [jsResource](#jsresource) @@ -31,19 +30,6 @@ dataLoader: files: 'data/*.json' ``` -## fastifyRoutes - -Specify custom endpoints using [Fastify](https://fastify.dev/). - -This component is a [Resource Extension](./extensions#resource-extension) and can be configured with the [`files` and `urlPath`](./extensions#resource-extension-configuration) configuration options. - -Complete documentation for this feature is available here: [Define Fastify Routes](../../developers/applications/define-routes) - -```yaml -fastifyRoutes: - files: 'routes/*.js' -``` - ## graphql > GraphQL querying is **experimental**, and only partially implements the GraphQL Over HTTP / GraphQL specifications.