| blob | 52d700b92e74f059c68cccf3f1809adbe9fdd5c5 |
1 'use strict';
3 var express = require('express');
4 var cors = require('cors');
5 var env = require('gitter-web-env');
6 var identifyRoute = env.middlewares.identifyRoute;
8 // API uses CORS
9 var corsOptions = {
10 origin: true,
11 methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH'],
12 maxAge: 600, // 10 minutes
13 allowedHeaders: ['content-type', 'x-access-token', 'authorization', 'accept'],
14 exposedHeaders: [
15 // Rate limiting with dolph
16 'X-RateLimit-Limit',
17 'X-RateLimit-Remaining',
18 'X-RateLimit-Reset'
19 ]
20 };
22 var router = express.Router({ caseSensitive: true, mergeParams: true });
24 router.get('/', function(req, res) {
25 res.redirect('https://developer.gitter.im');
26 });
28 router.use(cors(corsOptions));
29 router.options('*', cors(corsOptions));
31 router.use(require('../web/middlewares/disallow-transfer-encoding-chunked'));
33 router.use('/v1', require('./v1'));
34 router.use('/private', require('./private'));
36 /** These two routes may seem a bit bizare, but we need to mount
37 * /api/private/health_check on the api.gitter.com/api/private/.. even though
38 * everything else is mounted on the root
39 */
40 router.get(
41 '/api/private/health_check',
42 identifyRoute('api-private-health-check'),
43 require('./private/health-check')
44 );
46 router.get(
47 '/api/private/health_check/full',
48 identifyRoute('api-private-health-check-full'),
49 require('./private/health-check-full')
50 );
52 /* Catch all - return 404 error */
53 if (!process.env.DISABLE_API_404_HANDLER) {
54 router.get('/*', function(req, res, next) {
55 return next(404);
56 });
57 }
59 // Error Handlers
60 router.use('/', require('../web/middlewares/token-error-handler'));
61 if (!process.env.DISABLE_API_ERROR_HANDLER) {
62 router.use('/', env.middlewares.errorHandler);
63 }
65 module.exports = router;