Use a multiple params route to be able to extract the username from

the path or default to host header.
2015-02-02 12:09:34 +01:00 · 2015-02-02 12:09:34 +01:00 · e5ab4272eb
commit e5ab4272eb
parent 81edbfb826
6 changed files with 31 additions and 36 deletions
--- a/app/controllers/app.js
+++ b/app/controllers/app.js
@ -171,18 +171,6 @@ app.get(global.settings.base_url + '/cachestatus', handleCacheStatus);
 app.get(global.settings.base_url + '/health',  handleHealthCheck);
 app.get(global.settings.base_url + '/version', handleVersion);

-if (global.settings.user_url) {
-  var user_url = global.settings.user_url;
-  if (user_url.indexOf(':user') === -1) {
-    throw new Error("user_url setting must contain :user")
-  }
-  app.all(user_url + global.settings.base_url + '/sql', handleQuery);
-  app.all(user_url + global.settings.base_url + '/sql.:f', handleQuery);
-  app.get(user_url + global.settings.base_url + '/cachestatus', handleCacheStatus);
-  app.get(user_url + global.settings.base_url + '/health', handleHealthCheck);
-  app.get(user_url + global.settings.base_url + '/version', handleVersion);
-}
-
 var sqlQueryMayWriteRegex = new RegExp("\\b(alter|insert|update|delete|create|drop|reindex|truncate)\\b", "i");
 /**
 * This is a fuzzy check, the return could be true even if the query doesn't really write anything. But you can be
@ -223,7 +211,7 @@ function handleQuery(req, res) {
    var filename  = requestedFilename;
    var requestedSkipfields = params.skipfields;
    // if the request contains the user use it, if not guess from the host
-    var cdbUsername = req.params.user || cdbReq.userByReq(req);
+    var cdbUsername = cdbReq.userByReq(req);
    var skipfields;
    var dp        = params.dp; // decimal point digits (defaults to 6)
    var gn        = "the_geom"; // TODO: read from configuration file
--- a/app/models/cartodb_request.js
+++ b/app/models/cartodb_request.js
@ -9,20 +9,26 @@ function CartodbRequest() {
 module.exports = CartodbRequest;

 CartodbRequest.prototype.userByReq = function(req) {
-  var host = req.headers.host;
-  var mat = host.match(re_userFromHost);
-  if ( ! mat ) {
-    console.error("ERROR: user pattern '" + re_userFromHost + "' does not match hostname '" + host + "'");
-    return;
-  }
-  // console.log("Matches: "); console.dir(mat);
-  if ( ! mat.length === 2 ) {
-    console.error("ERROR: pattern '" + re_userFromHost + "' gave unexpected matches against '" + host + "': " + mat);
-    return;
-  }
-  return mat[1];
+    if (req.params.user) {
+        return req.params.user;
+    }
+    return userByHostName(req.headers.host);
 };

 var re_userFromHost = new RegExp(
    global.settings.user_from_host || '^([^\\.]+)\\.' // would extract "strk" from "strk.cartodb.com"
 );
+
+function userByHostName(host) {
+    var mat = host.match(re_userFromHost);
+    if (!mat) {
+        console.error("ERROR: user pattern '" + re_userFromHost + "' does not match hostname '" + host + "'");
+        return;
+    }
+
+    if (mat.length !== 2) {
+        console.error("ERROR: pattern '" + re_userFromHost + "' gave unexpected matches against '" + host + "': " + mat);
+        return;
+    }
+    return mat[1];
+}
--- a/config/environments/development.js.example
+++ b/config/environments/development.js.example
@ -1,10 +1,6 @@
-module.exports.base_url     = '/api/:version';
-// if user_url is defined the api will respond to requests like:
-// user_url + base_url
-// for example
-// /u/:user/api/sql?q=....
-// needs to have :user parameter, if not it will fail on server startup
-module.exports.user_url     = '/u/:user';
+// In case the base_url has a :user param the username will be the one specified in the URL,
+// otherwise it will fallback to extract the username from the host header.
+module.exports.base_url     = '(?:/api/:version|/u/:user/api/:version)';
 // If useProfiler is true every response will be served with an
 // X-SQLAPI-Profile header containing elapsed timing for various
 // steps taken for producing the response.
--- a/config/environments/production.js.example
+++ b/config/environments/production.js.example
@ -1,4 +1,6 @@
-module.exports.base_url     = '/api/:version';
+// In case the base_url has a :user param the username will be the one specified in the URL,
+// otherwise it will fallback to extract the username from the host header.
+module.exports.base_url     = '(?:/api/:version|/u/:user/api/:version)';
 // If useProfiler is true every response will be served with an
 // X-SQLAPI-Profile header containing elapsed timing for various
 // steps taken for producing the response.
--- a/config/environments/staging.js.example
+++ b/config/environments/staging.js.example
@ -1,4 +1,6 @@
-module.exports.base_url     = '/api/:version';
+// In case the base_url has a :user param the username will be the one specified in the URL,
+// otherwise it will fallback to extract the username from the host header.
+module.exports.base_url     = '(?:/api/:version|/u/:user/api/:version)';
 // If useProfiler is true every response will be served with an
 // X-SQLAPI-Profile header containing elapsed timing for various
 // steps taken for producing the response.
--- a/config/environments/test.js.example
+++ b/config/environments/test.js.example
@ -1,5 +1,6 @@
-module.exports.base_url     = '/api/:version';
-module.exports.user_url     = '/u/:user';
+// In case the base_url has a :user param the username will be the one specified in the URL,
+// otherwise it will fallback to extract the username from the host header.
+module.exports.base_url     = '(?:/api/:version|/u/:user/api/:version)';
 // If useProfiler is true every response will be served with an
 // X-SQLAPI-Profile header containing elapsed timing for various
 // steps taken for producing the response.