Express has recently deprecated `req.param()` to force developers
to be explicit about the source of the value. To avoid deprecation
warnings, this commit replaces all calls of `req.param()` with a
simplified inline version.
Enhance the error objects with a `code` property containing
a machine-readable string code describing the error, for example
INVALID_TOKEN or USER_NOT_FOUND.
Also improve 404 error messages to include the model name.
Bugs fixed:
- express helpers like `req.get` are now available in middleware
handlers registered via `app.middleware`
- `req.url` does not include the mountpath prefix now, this is
consistent with the behaviour of `app.use`
The implementation of phased middleware was completely rewritten.
- We no longer use Phase and PhaseList objects from loopback-phase.
- Handler functions are registered via the `Layer` mechanism used by
express router.
- The app keeps the layers sorted according to phases.
Add a new argument to `app.middleware` allowing developers
to restrict the middleware to a list of paths or regular expresions.
Modify `app.middlewareFromConfig` to pass `config.paths` as the second
arg of `app.middleware`.
Examples:
// A string path (interpreted via path-to-regexp)
app.middleware('auth', '/admin', ldapAuth);
// A regular expression
app.middleware('initial', /^\/~(admin|root)/, rejectWith404);
// A list of scopes
app.middleware('routes', ['/api', /^\/assets/.*\.json$/], foo);
// From config
app.middlewareFromConfig(
handlerFactory,
{
phase: 'initial',
paths: ['/scope', /^\/(a|b)/]
});
The new location allows developer to use the following identifiers
when loading the middleware using the new declarative style:
app.middlewareFromConfig(
require('loopback/server/middleware/rest'),
{ phase: 'routes' });
app.middlewareFromConfig(
require('loopback/server/middleware/url-not-found'),
{ phase: 'final' });
Refactor the implementation to use the new method `phaseList.zipMerge`.
This is commit is changing the behaviour in the case when
the first new phase does not exist in the current list.
Before the change, all new phases were added just before the "routes"
phase.
After this change, new phases are added to the head of the list,
until an existing phase is encountered, at which point the regular
merge algorithm kicks in.
Example:
app.defineMiddlewarePhases(['first', 'routes', 'subapps']);
Before the change: code throws an error - 'routes' already exists.
After the change: phases are merged with the following result:
'first', 'initial', ..., 'routes', 'subapps', ...
Implement method for registering (new) middleware phases.
- If all names are new, then the phases are added just before
the "routes" phase.
- Otherwise the provided list of names is merged with the existing
phases in such way that the order of phases is preserved.
Example
// built-in phases:
// initial, session, auth, parse, routes, files, final
app.defineMiddlewarePhases('custom');
// new list of phases
// initial, session, auth, parse,
// custom,
// routes, files, final
app.defineMiddlewarePhases([
'initial', 'postinit', 'preauth', 'routes', 'subapps'
]);
// new list of phases
// initial,
// postinit, preauth,
// session, auth, parse, custom,
// routes,
// subapps,
// files, final
Implement a function registering a middleware using a factory function
and a JSON config.
Example:
app.middlewareFromConfig(compression, {
enabled: true,
phase: 'initial',
config: {
threshold: 128
}
});
Modify the app and router implementation, so that the middleware is
executed in order defined by phases.
Predefined phases:
'initial', 'session', 'auth', 'parse', 'routes', 'files', 'final'
Methods defined via `app.use`, `app.route` and friends are executed
as the first thing in 'routes' phase.
API usage:
app.middleware('initial', compression());
app.middleware('initial:before', serveFavicon());
app.middleware('files:after', loopback.urlNotFound());
app.middleware('final:after', errorHandler());
Middleware flavours:
// regular handler
function handler(req, res, next) {
// do stuff
next();
}
// error handler
function errorHandler(err, req, res, next) {
// handle error and/or call next
next(err);
}
Modify `loopback.rest()` to read the configuration for
`loopback.context` from `app.get('remoting')`, which is the approach
used for all other configuration options related to the REST transport.
- Implement the middleware `loopback.context`
- Inject context into juggler and strong-remoting
- Make http context optional and default to false
- Optionally mount context middleware from `loopback.rest`
Allow the developer to pass custom `remoting` options via Model
settings, e.g.
PersistedModel.extend(
'MyModel',
{ name: String },
{
remoting: { normalizeHttpPath: true }
});
Also add `options` arg to `app.handler`, this object is passed directly
to strong-remoting handler.
When running on Unix and no hostname is specified, use `0.0.0.0`
as the hostname instead of `localhost`.
When running on Windows and the hostname is either not specified or
it is `0.0.0.0` or `::`, use `localhost` in the URL. The reason is
that Windows cannot open URLs using `0.0.0.0` as a hostname.
- Move core models `Model` and `PersistedModel` to `lib/`.
- Move `AccessContext` class to `lib/`, since it is not a model.
- Move all other built-in models to `common/models`.
This is a preparation for extracting model definitions to JSON files.
By splitting the change into multiple commits, git is able to keep track
of file moves (renames).
Modify `registry.configureModel()` to log a warning when `dataSource`
optiont is not specified at all.
Users should provide `dataSource: null` when the model is intentionally
not attached to any data-source.
Remove `req.pause` and `req.resume` from `app.enableAuth`
- they are no longer needed, the request starts paused and there is
no other middleware that would resume it before us.
- when we resume the request after authentication, we force all
other async operations (like sharedCtor) to call pause & resume too,
otherwise data are lost
When a public model is added to an application and the model has change
tracking enabled, its Change model is added to the public models.
Before this change, conflict resolution in the browser was not working,
because it was not possible to fetch the remote change.
Fix the query in `Checkpoint.current()` to correctly specify sorting
`seq DESC`. Before this change, the first checkpoint was returned as the
current one.
Most applications report the URL when started (at least the apps we
are scaffolding using loopback-workspace). Constructing the URL in the
loopback core allows us to simplify the templates and reduce the amount
of repeated code.
- Move configuration of Karma unit-tests from `Gruntfile.js` to a
standalone file (`test/karma.conf.js`).
- Add a new Grunt task `karma:unit-ci` to run Karma unit-tests in
PhantomJS and produce karma-xunit.xml file that can be consumed
by the CI server.
- Add grunt-mocha-test, configure it to run unit-tests.
- Add `grunt test` task that runs both karma and mocha tests,
detects Jenkins to produce XML output on CI server.
- Modify the `test` script in `package.json` to run
`grunt mocha-and-karma` (an alias for `grunt test`).
The alias is required to trick `sl-ci-run` to run `npm test`
instead of calling directly `mocha`.
- Add `es5-shim` module to karma unit-tests in order to provide
ES5-methods required by LoopBack.
- Fix `mixin(source)` in lib/loopback.js to work in PhantomJS.
`Object.getOwnPropertyDescriptor()` provided by `es5-shim` does not
work in the same way as in Node.
Rename `loopback.getModel` to `loopback.findModel`.
Implement `loopback.getModel` as a wrapper around `findModel` that
throws an error when the model as not found.
Expose the juggler's DataSource constructor as `loopback.DataSource`.
The DataSource constructor is most useful to check
for `instanceof DataSource`, but it also makes the loopback API more
consistent, since the API is already exposing all pre-built Models.
Fix the problem where `registry.defaultDataSources` has two instances:
- `require('loopback').defaultDataSources` used by
`loopback.autoAttach()`
- `require('./registry').defaultDataSources` used by
`app.dataSource`.
I am intentionally leaving out unit-tests as the whole `autoAttach`
feature is going to be deleted before 2.0 is released.
Move isBrowser and isServer from lib/loopback to a new file lib/runtime.
Move all Model and DataSource related methods like `createModel` and
`createDataSource` to lib/registry.
Remove the circular dependency between lib/application and lib/loopback,
by loading lib/registry and/or lib/runtime instead of lib/loopback
where appropriate
This commit is only moving the code around, the functionality should
not be changed at all.
Add new API allowing developers to split the model definition and
configuration into two steps:
1. Build models from JSON config, export them for re-use:
```js
var Customer = loopback.createModelFromConfig({
name: 'Customer',
base: 'User',
properties: {
address: 'string'
}
});
```
2. Attach existing models to a dataSource and a loopback app,
modify certain model aspects like relations:
```js
loopback.configureModel(Customer, {
dataSource: db,
relations: { /* ... */ }
});
```
Rework `app.model` to use `loopback.configureModel` under the hood.
Here is the new usage:
```js
var Customer = require('./models').Customer;
app.model(Customer, {
dataSource: 'db',
relations: { /* ... */ }
});
```
In order to preserve backwards compatibility,
`app.model(name, config)` calls both `createModelFromConfig`
and `configureModel`.
Expose the juggler's DataSource constructor as `loopback.DataSource`.
The DataSource constructor is most useful to check
for `instanceof DataSource`, but it also makes the loopback API more
consistent, since the API is already exposing all pre-built Models.
Fix the problem where `registry.defaultDataSources` has two instances:
- `require('loopback').defaultDataSources` used by
`loopback.autoAttach()`
- `require('./registry').defaultDataSources` used by
`app.dataSource`.
I am intentionally leaving out unit-tests as the whole `autoAttach`
feature is going to be deleted before 2.0 is released.
Move isBrowser and isServer from lib/loopback to a new file lib/runtime.
Move all Model and DataSource related methods like `createModel` and
`createDataSource` to lib/registry.
Remove the circular dependency between lib/application and lib/loopback,
by loading lib/registry and/or lib/runtime instead of lib/loopback
where appropriate
This commit is only moving the code around, the functionality should
not be changed at all.
Use
@property {Object} [properties]
instead of
@property {Object=} properties
for optional properties.
Use `**example**` instead of `@example`, since strong-docs don't support
the latter.
Add new API allowing developers to split the model definition and
configuration into two steps:
1. Build models from JSON config, export them for re-use:
```js
var Customer = loopback.createModelFromConfig({
name: 'Customer',
base: 'User',
properties: {
address: 'string'
}
});
```
2. Attach existing models to a dataSource and a loopback app,
modify certain model aspects like relations:
```js
loopback.configureModel(Customer, {
dataSource: db,
relations: { /* ... */ }
});
```
Rework `app.model` to use `loopback.configureModel` under the hood.
Here is the new usage:
```js
var Customer = require('./models').Customer;
app.model(Customer, {
dataSource: 'db',
relations: { /* ... */ }
});
```
In order to preserve backwards compatibility with loopback 1.x,
`app.model(name, config)` calls both `createModelFromConfig`
and `configureModel`.
Allow browserified applications to explicitly register connectors
to use in data-sources via `app.connector(name, exportsFromRequire)`.
Include built-in connectors like `Memory` and `Remote` in the registry.
Modify `dataSourcesFromConfig()` to resolve the connector via
`app.connectors` first and only then fall back to auto-require
the connector module.
Support flat structure of model config objects, where model options
are set as top-level properties.
Before:
Customer: {
dataSource: 'db',
options: {
base: 'User'
}
}
Now:
Customer: {
dataSource: 'db',
base: 'User'
}
Make `loopback.rest` self-contained, so that authentication works
out of the box.
var app = loopback();
app.enableAuth();
app.use(loopback.rest());
Note that cookie parsing middleware is not added, users have to
explicitly configure that if they want to store access tokens
in cookies.
Modify `loopback.token` to skip token lookup when the request already
contains `accessToken` property. This is in line with other
connect-based middleware like `cookieParser` or `json`.