Skip to content
Po.et's API Layer
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci
.github
Docker
mongodb
src
test
tests
typings
.dockerignore
.gitignore
.npmrc
.nvmrc
.nycrc
.renovaterc.json
Dockerfile
LICENSE
README.md
docker-compose.override.yml.example
docker-compose.yml fix: remove redis (#923) Apr 16, 2019
openapi.yaml
package-lock.json
package.json
tsconfig.json Validate ctx.params - New Approach (#159) Jul 2, 2018
tslint.json chore(deps): update dependency @po.et/tslint-rules to v2 (#550) Oct 30, 2018

README.md

Po.et API

CircleCI Renovate enabled semantic-release Join the chat at https://gitter.im/poetapp/Lobby

Po.et's API layer for publishers.

Getting started

Requirements

How to Run

To run the Po.et API, clone this repo, and make sure you have Docker and docker-compose installed.

Clone the repo:

git clone https://github.com/poetapp/frost-api.git
cd frost-api

To start the Po.et API development environment, run:

docker-compose up --build

You only need to run docker-compose build to create or update the Docker images, and docker-compose up -d to start them. To shut everything down, it is recommended to use docker-compose down --volumes to stop the running containers and clear any data. If you wish to keep data between invocations, use docker-compose down.

You can also docker-compose exec mongo bash to run the mongo shell.

Dependencies

Po.et API depends on RabbitMQ, IPFS, Bitcoin Core, Po.et node and MongoDB. These dependencies are setup automatically when you run docker-compose.

API

We are using the OpenAPI specification to document the Po.et API:

Tokens

There are four types of tokens generated by the Po.et API (see src/api/Tokens.ts). The two main ones used in the Po.et API methods described below are:

  • Login token - used to create and maintain the account
  • API token - used for creating and viewing works, for both live (mainnet) and test (testnet) environments

There are two other tokens sent by email:

  • Verify Account token - used when verifying an email address
  • Forgot Password token - used when resetting a passwordwithout the old password

Vault

The Po.et API uses Vault to encrypt and decrypt data that is stored in MongoDB.

The API needs Vault to be running, initialized and unsealed, with the transit engine enabled and an empty transit key at transit/keys/frost.

Currently, if the VAULT_TOKEN environment variable isn't set, the API will try and initialize, unseal and configure Vault automatically. This functionality will be removed in future releases.

To manually set up Vault, if using the provided Docker container:

sudo docker-compose exec vault vault operator init
sudo docker-compose exec vault vault operator unseal
sudo docker-compose exec vault vault login
sudo docker-compose exec vault vault secrets enable transit
sudo docker-compose exec vault vault write -f transit/keys/frost
sudo docker-compose exec vault vault write secret/frost jwt=jwtsecretkey

By default, init will create an Initial Root Token and 5 Unseal Keys, out of which any three can reconstruct the root token.

The Root Token is what we'll use in the VAULT_TOKEN environment variable, and also for the vault login command.

The key shares will need to be provided to the operator unseal command.

The jwt=jwtsecretkey in the write secret/frost jwt=jwtsecretkey is what will be used to sign the JWTs. In the future the API will directly consume the JWT environment variable.

These instructions are perfectly valid for a development environment, for production environments please follow more secure practices.

See also Vault dev server.

Error checking seal status

if you get an Error checking seal status error, check the status with:

curl https://127.0.0.1:8200/v1/sys/seal-status

Consul

See docs.

Start

consul agent -server -bootstrap-expect 1 -data-dir /tmp/consul -bind 127.0.0.1

Stop

ps ax | grep consul
kill -INT consul_pid

Delete data

WARNING: only use in development mode.

curl -X DELETE 'http://localhost:8500/v1/kv/vault?recurse'

Contributing

See Contributing.

Coverage

Coverage is generated with Istanbul. A more complete report can be generated by running npm run coverage, which will run npm run coverage:unit and npm run coverage:integration together. You may also execute these commands separately.

Note: We are using our own forks of nyc and istanbul-lib-instrument in order to add better support for TypeScript. We intend to contribute our forks back to nyc and istanbul-lib-instrument in order to make our solution available to the entire community. You can follow the issues in this PR, and check the new PRs for istanbul-lib-instrument.

Security

See https://www.po.et/security.

You can’t perform that action at this time.