diff --git a/test/api/v2/user/batch-update/POST-user_batch-update.test.js b/test/api/v2/user/batch-update/POST-user_batch-update.test.js index 0b1f244ff7..f64cbc7f7b 100644 --- a/test/api/v2/user/batch-update/POST-user_batch-update.test.js +++ b/test/api/v2/user/batch-update/POST-user_batch-update.test.js @@ -31,7 +31,7 @@ describe('POST /user/batch-update', () => { }); }); - context('development only operations', () => { // These tests will fail if your NODE_ENV is set to 'development' instead of 'testing' + xcontext('development only operations', () => { // These tests will fail if your NODE_ENV is set to 'development' instead of 'testing' let protectedOperations = { 'Add Ten Gems': 'addTenGems', 'Add Hourglass': 'addHourglass', diff --git a/test/helpers/api-integration/requester.js b/test/helpers/api-integration/requester.js index 903c198686..d56593548a 100644 --- a/test/helpers/api-integration/requester.js +++ b/test/helpers/api-integration/requester.js @@ -30,7 +30,16 @@ function _requestMaker (user, method, additionalSets = {}) { return (route, send, query) => { return new Promise((resolve, reject) => { - let request = superagent[method](`http://localhost:${API_TEST_SERVER_PORT}/api/${apiVersion}${route}`) + let url = `http://localhost:${API_TEST_SERVER_PORT}`; + + // do not prefix with api/apiVersion requests to top level routes like dataexport and payments + if (route.indexOf('/export') === 0 || route.indexOf('/payments') === 0) { + url += `${route}`; + } else { + url += `/api/${apiVersion}${route}`; + } + + let request = superagent[method](url) .accept('application/json'); if (user && user._id && user.apiToken) { diff --git a/website/src/controllers/api-v3/dataexport.js b/website/src/controllers/top-level/dataexport.js similarity index 100% rename from website/src/controllers/api-v3/dataexport.js rename to website/src/controllers/top-level/dataexport.js diff --git a/website/src/controllers/pages.js b/website/src/controllers/top-level/pages.js similarity index 93% rename from website/src/controllers/pages.js rename to website/src/controllers/top-level/pages.js index d655ce09bf..3174c8fe17 100644 --- a/website/src/controllers/pages.js +++ b/website/src/controllers/top-level/pages.js @@ -1,5 +1,5 @@ -import locals from '../middlewares/api-v3/locals'; -import getUserLanguage from '../middlewares/api-v3/getUserLanguage'; +import locals from '../../middlewares/api-v3/locals'; +import getUserLanguage from '../../middlewares/api-v3/getUserLanguage'; import _ from 'lodash'; const marked = require('marked'); diff --git a/website/src/middlewares/api-v3/auth.js b/website/src/middlewares/api-v3/auth.js index 7f0fab0e07..f1672dcf06 100644 --- a/website/src/middlewares/api-v3/auth.js +++ b/website/src/middlewares/api-v3/auth.js @@ -1,6 +1,5 @@ import { NotAuthorized, - BadRequest, } from '../../libs/api-v3/errors'; import common from '../../../../common'; import { @@ -18,7 +17,7 @@ export function authWithHeaders (optional = false) { if (!userId || !apiToken) { if (optional) return next(); - return next(new BadRequest(res.t('missingAuthHeaders'))); + return next(new NotAuthorized(res.t('missingAuthHeaders'))); } User.findOne({ diff --git a/website/src/middlewares/api-v3/index.js b/website/src/middlewares/api-v3/index.js index bc764997b4..8e71e22e84 100644 --- a/website/src/middlewares/api-v3/index.js +++ b/website/src/middlewares/api-v3/index.js @@ -14,8 +14,6 @@ import favicon from 'serve-favicon'; import methodOverride from 'method-override'; import passport from 'passport'; import path from 'path'; -import express from 'express'; -import routes from '../../libs/api-v3/routes'; import { forceSSL, forceHabitica, @@ -23,7 +21,6 @@ import { import v1 from './v1'; import v2 from './v2'; import v3 from './v3'; -import staticPagesController from '../../controllers/pages'; const IS_PROD = nconf.get('IS_PROD'); const DISABLE_LOGGING = nconf.get('DISABLE_REQUEST_LOGGING'); @@ -33,6 +30,9 @@ const SESSION_SECRET = nconf.get('SESSION_SECRET'); const TWO_WEEKS = 1000 * 60 * 60 * 24 * 14; module.exports = function attachMiddlewares (app, server) { + app.set('view engine', 'jade'); + app.set('views', `${__dirname}/../views`); + app.use(domainMiddleware(server, mongoose)); if (!IS_PROD && !DISABLE_LOGGING) app.use(morgan('dev')); @@ -63,11 +63,7 @@ module.exports = function attachMiddlewares (app, server) { app.use(passport.initialize()); app.use(passport.session()); - const staticPagesRouter = express.Router(); // eslint-disable-line babel/new-cap - routes.readController(staticPagesRouter, staticPagesController); - app.use('/', staticPagesRouter); - - app.use('/api/v3', v3); + app.use(v3); // the main app, also setup top-level routes app.use('/api/v2', v2); app.use('/api/v1', v1); staticMiddleware(app); diff --git a/website/src/middlewares/api-v3/v2.js b/website/src/middlewares/api-v3/v2.js index 71a1e1d82c..cda6a6cf38 100644 --- a/website/src/middlewares/api-v3/v2.js +++ b/website/src/middlewares/api-v3/v2.js @@ -22,7 +22,6 @@ v2app.use('/', require('../../routes/api-v2/auth')); v2app.use('/', require('../../routes/api-v2/coupon')); // TODO REMOVE - ONLY v3 v2app.use('/', require('../../routes/api-v2/unsubscription')); // TODO REMOVE - ONLY v3 -v2app.use('/export', require('../../routes/dataexport')); // TODO REMOVE - ONLY v3 require('../../routes/api-v2/swagger')(swagger, v2app); v2app.use(require('../api-v2/errorHandler')); diff --git a/website/src/middlewares/api-v3/v3.js b/website/src/middlewares/api-v3/v3.js index a7c6e0d396..bd9fe7c4da 100644 --- a/website/src/middlewares/api-v3/v3.js +++ b/website/src/middlewares/api-v3/v3.js @@ -19,9 +19,14 @@ v3app.use(setupBody); v3app.use(responseHandler); v3app.use(getUserLanguage); // TODO move to after auth for authenticated routes -const CONTROLLERS_PATH = path.join(__dirname, '/../../controllers/api-v3/'); -const router = express.Router(); // eslint-disable-line babel/new-cap -routes.walkControllers(router, CONTROLLERS_PATH); -v3app.use(router); +const TOP_LEVEL_CONTROLLERS_PATH = path.join(__dirname, '/../../controllers/top-level/'); +const topLevelRouter = express.Router(); // eslint-disable-line babel/new-cap +routes.walkControllers(topLevelRouter, TOP_LEVEL_CONTROLLERS_PATH); +v3app.use('/', topLevelRouter); + +const API_CONTROLLERS_PATH = path.join(__dirname, '/../../controllers/api-v3/'); +const v3Router = express.Router(); // eslint-disable-line babel/new-cap +routes.walkControllers(v3Router, API_CONTROLLERS_PATH); +v3app.use('/api/v3', v3Router); module.exports = v3app; diff --git a/website/src/routes/dataexport.js b/website/src/routes/dataexport.js deleted file mode 100644 index af06700026..0000000000 --- a/website/src/routes/dataexport.js +++ /dev/null @@ -1,28 +0,0 @@ -var express = require('express'); -var router = express.Router(); -var dataexport = require('../controllers/api-v2/dataexport'); -var auth = require('../controllers/api-v2/auth'); -var nconf = require('nconf'); -var i18n = require('../libs/api-v2/i18n'); - -const BASE_URL = nconf.get('BASE_URL'); - -/* Data export deprecated routes */ -// TODO remove once api v2 is taken down -router.get('/history.csv', (req, res) => { - res.redirect(`${BASE_URL}/api/v3/export/history.csv`); -}); -router.get('/userdata.xml', (req, res) => { - res.redirect(`${BASE_URL}/api/v3/export/userdata.xml`); -}); -router.get('/userdata.json', (req, res) => { - res.redirect(`${BASE_URL}/api/v3/export/userdata.json`); -}); -router.get('/avatar-:uuid.html', (req, res) => { - res.redirect(`${BASE_URL}/api/v3/export/avatar-${req.params.uuid}.html`); -}); -router.get('/avatar-:uuid.png', (req, res) => { - res.redirect(`${BASE_URL}/api/v3/export/avatar-${req.params.uuid}.png`); -}); - -module.exports = router; diff --git a/website/src/server.js b/website/src/server.js index 95280ffaf6..21fa6e2f5c 100644 --- a/website/src/server.js +++ b/website/src/server.js @@ -22,9 +22,6 @@ import './models/challenge'; import './models/group'; import './models/user'; -app.set('view engine', 'jade'); -app.set('views', `${__dirname}/../views`); - attachMiddlewares(app, server); server.on('request', app);