wireguard-manager/routes/api/v1/routes.mjs

import models from "../../../lib/models.mjs";


export default async function (fastify, opts) {
    fastify.register(async function secureApiContext(secureApiScope) {
        // check API token
        secureApiScope.addHook('onRequest', async (request, reply) => {
            if (!request.headers.authorization) {
                reply.code(401).send({ error: 'Unauthorized: missing Authorization header' });
                return;
            }

            const token = Object.values(await models.apiToken.getAll()).find(t => t.token === request.headers.authorization.replace('Bearer ', ''));

            if (!token) {
                reply.code(403).send({ error: 'Forbidden: invalid Token' });
                return;
            }
        });

        // check requested Model Type
        secureApiScope.addHook('onRequest', async (request, reply) => {
            if (!request.params.modelType) {
                reply.code(400).send({ error: 'Bad Request: missing Model Type' });
            }
            if (!models[request.params.modelType]) {
                reply.code(404).send({ error: 'Unavailable: requested Model is not available' });
            }
        });

        secureApiScope.get("/:modelType", async function (request, reply) {
            const objects = await models[request.params.modelType].getAll();
            reply.send(objects);
        });
        secureApiScope.post("/:modelType", async function (request, reply) {
            try {
                const newObject = await models[request.params.modelType].create(request.body);
                reply.send(newObject);
            } catch (error) {
                reply.code(500).send({ error: error.message });
            }
        });
        secureApiScope.get("/:modelType/:resourceId", async function (request, reply) {
            const object = await models[request.params.modelType].getById(request.params.resourceId);
            if (object) {
                reply.send(object);
            } else {
                reply.code(404).send({ error: 'Unavailable: requested Object is not available' });
            }
        });
        secureApiScope.patch("/:modelType/:resourceId", async function (request, reply) { });
        secureApiScope.delete("/:modelType/:resourceId", async function (request, reply) { });
    });
}