Uranio API extends Uranio CORE.
Uranio API can run a web service for an Application Programming Interface with CRUD operations.
The web service use Express.js internally.
More service types will be available in the future
Urano API provides also a method that runs on Lambda Functions. Useful for deplying on AWS Lambda or Netlify.
// Method for Lambda
import uranio from 'uranio';
uranio.init();
const uranio_lambda = uranio.lambda.connect_and_create();
const handler = async (event:uranio.lambda.LambdaEvent, context:uranio.lambda.LambdaContext)
:Promise<uranio.lambda.HandlerResponse> => {
return await uranio_lambda.handle(event, context);
};
export { handler };Uranio API generates for each Atom the following routes:
See what is an Atom
countfind_onefindfind_idinsertupdatedeleteinsert_multipleupdate_multipledelete_multiple
For the atom media it generates also the routes:
uploadpresigned
count returns how many records are in the relation.
| key | value |
|---|---|
| URL | /count |
| METHOD | GET |
| QUERY | [filter] |
| ACTION | READ |
find_one returns the first record that match the filter values.
| key | value |
|---|---|
| URL | /first |
| METHOD | GET |
| QUERY | [filter, options] |
| ACTION | READ |
find returns all the record that match the filter values.
| key | value |
|---|---|
| URL | / |
| METHOD | GET |
| QUERY | [filter, options] |
| ACTION | READ |
Find id returns
| key | value |
|---|---|
| URL | /:id |
| METHOD | GET |
| QUERY | [options] |
| ACTION | READ |
insert add a new record to the relation and returns the record created.
| key | value |
|---|---|
| URL | / |
| METHOD | POST |
| BODY | A record in JSON format. |
| ACTION | WRITE |
update update a record and returns the record updated.
| key | value |
|---|---|
| URL | /:id |
| METHOD | POST |
| BODY | A partial record in JSON format. |
| ACTION | WRITE |
delete deletes a record and returns the deleted record.
| key | value |
|---|---|
| URL | /:id |
| METHOD | DELETE |
| ACTION | WRITE |
insert_multiple add new records to the relation and returns the records created.
| key | value |
|---|---|
| URL | /multiple |
| METHOD | POST |
| BODY | A array of records in JSON format. |
| ACTION | WRITE |
update_multiple update records and returns the records updated.
| key | value |
|---|---|
| URL | /multiple/:ids |
| METHOD | POST |
| BODY | A partial record with the fields to update in JSON format. |
| ACTION | WRITE |
delete deletes records and returns the deleted records.
| key | value |
|---|---|
| URL | /multiple/:ids |
| METHOD | DELETE |
| ACTION | WRITE |
upload upload a file and return the media record created.
| key | value |
|---|---|
| URL | /upload |
| METHOD | POST |
| BODY | {file: Buffer | BufferArray | Blob} |
| ACTION | WRITE |
presigned generate a presigned URL for uploading on AWS or Google Cloud Storage.
| key | value |
|---|---|
| URL | /presigned |
| METHOD | GET |
| ACTION | READ |
Uranio API provides an authentication route for each AuthAtom.
See what is an AuthAtom
The route path must be defined in Book with the attribute auth_url inside
the dock property:
// src/customer/index.ts
import uranio from 'uranio';
export default uranio.register.atom({
authenticate: true,
properties: {
...
},
dock:{
url: '/customers',
auth_url: '/auth-customer',
...
}
});Then the route https://myservice.com/[prefix-api]/auth-customer will
accept a POST request with a JSON body:
{
email: 'email@email.com',
password: 'fjs8a9fysa98fhafaj'
}If the authentication succeed, the server respond with a payload containing a
JWT token.
The JWT token can be then sent back to the server through the header
urn-auth-token.
GET /uranio/api/products HTTP/1.1
Host: myhost.com
Accept: application/json
urn-auth-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3...
If the client and the server are on the same domain there is no need to send back
the token, since the server will also set an HttpOnly cookie with the token.
If the authentication succeed the server will also send back a Set-Cookie Header
with the JWT token.
The cookie is HttpOnly; SameSite=Strict; Secure;. Therefore the browser
will send back the token for each request without JS needed.
But it will do only if the server is the same.
See HttpOnly flag
See SameSite flag
The token expire after a week. The expiration time can be changed in the config toml file.
For each authenticated call the server will respond with a header containing a new token.
The server will also set a new HttpOnly cookie on each request.
With the following folder structure:
src
`-- atoms
`-- product
|-- routes
| `-- add-review.ts
`-- index.ts
Uranio will create a new route for the Atom product. The route name would be add-review.
The module add-review.ts must export a route definition:
// src/atoms/product/routes/add_review.ts
import uranio from 'uranio';
export default uranio.register.route({
url: '/add-review-custom-url',
method: uranio.types.RouteMethod.POST,
action: uranio.types.AuthAction.WRITE,
query: ['stars', 'customer'],
return 'number',
call: async (request:uranio.types.Api.Request<'product','add_review'>):Promise<'number'>{
// Some logic
const bll_customers = uranio.core.bll.create('customer', request.passport);
const customer = await bll_customers.find_id(request.customer);
// Some logic
return request.query.stars || 0;
}
});The web serivce then will have the following route:
https://myservice.com/[prefix-api]/products/add-review-custom-url
that will call the method defined under the property call in the definition
module.