IMPORTANT: this project is still in the very early stages and is not yet ready for unsolicited contributions. If you are interested in the project, please contact the development team.
Hobb API Server: backend for the Rebus Reader system
To start the regular server: npm start
To start the dev-server (which uses nodemon
to automatically restart): npm run dev-server
Unit tests can be run with npm run test
Integration tests will be added soon.
The server uses OAuth 2.0 for authorization, with JWT
tokens. The JWT tokens should use the same secret value as defined by the
SECRETORKEY
configuration variable (see below). It should also use the
audience and issuer defined by AUDIENCE
and ISSUER
.
Tokens are passed to the server as bearer tokens. A typical example:
GET /924WWrqtc2dbZMF2NQRiHp/library HTTP/1.1
Host: api.rebus.foundation
Date: Fri, 19 Oct 2018 16:25:55 GMT
Authorization: Bearer <token>
...where <token>
is the JWT token.
Typically only the owner of a resource can access a resource.
Requests without a JWT token will fail with a 401 status code.
Requests with a valid JWT token for access to another user's resources will fail with a 403 status code.
The server follows the ActivityPub API. All objects are represented as Activity Streams 2.0 JSON-LD.
The documentation for the routes and the expected request / response objects can be found in html format at route /docs
To get the raw json documentation, use the /swagger.json route
The server can handle the following activity types.
To upload a publication, use an activity with type Create
and object type
reader:Publication
. The publication should include all of its Document
members by value, with their full content.
To note that a user has read a document, use an activity with type Read
and
object type Document
.
The server uses environment variables for configuration.
AUDIENCE
: The expected audience for JWT tokens.DEPLOY_STAGE
: Deployment stage. One ofproduction
,staging
, ordevelopment
.DEV_PASSWORD
: A basic auth password used when in development or staging. Username isadmin
.DOMAIN
: Domain name of the server. If the server is hit with HTTP, redirects to https: plus this domain.ISSUER
: Expected issuer for JWT tokens.NODE_ENV
: Environment variable used by express. Can beproduction
ordevelopment
.SECRETORKEY
: Expected shared secret for JWT tokens.POSTGRE_INSTANCE
: the db server. Set it to 'localhost' for a local dev. If this variable is not set, the models will be stored in a SQLite database.POSTGRE_DB
: the name of the database.POSTGRE_USER
: the user name to use for the connectionPOSTGRE_PASSWORD
: the passwordSQLITE_DB
: filename of the SQLite database to store data ifPOSTGRE_INSTANCE
is not set. Defaults to "./dev.sqlite3".
The environment variables can be set in a .env file
IMPORTANT: this project is still in the very early stages and is not yet ready for unsolicited contributions. If you are interested in the project, please contact the development team.
prefix: message
Where prefix can be any of: build, ci, chore, docs, feat, fix, perf, refactor, revert, style, test.
The other rules are as described here
Code should be written in the Standard style and even if it isn't,
prettier-standard
is run on commit to convert the code into Standard style.
(I don't particularly prefer Standard style over any other variety, but we need a coding style and that one's as good as any other and comes with a bunch of ready-made tools.)