		{
		"name": "orion-api",
		"version": "1.0.30",
		"version": "1.0.31",
		"description": "REST API engine",
		"main": "index.js",
		"repository": {
		"type": "git",
		"url": "https://github.com/ctjong/orion"
		},
		"scripts": {
		@@ -7,0 +11,0 @@ "test": "echo \"Error: no test specified\" && exit 1"

160

Readme.md

		@@ -1,9 +0,11 @@
		Orion allows you to build a REST API app in just a few steps! This library is to be used in
		combination with Node and Express. It sets up all the necessary CRUD data endpoints, file uploads,
		authentication endpoints, and error handling.
		# Orion API

		[![npm](https://img.shields.io/npm/v/orion-api.svg)]() [![npm](https://img.shields.io/npm/dm/orion-api.svg)]() [![David](https://img.shields.io/david/ctjong/orion.svg)]()

		Orion allows you to build a REST API app in just a few steps! This library is to be used in combination with Node and Express. It sets up all the necessary CRUD data endpoints, file uploads, authentication endpoints, and error handling.

		The latest version of the library supports the following components:
		- Database: SQL Server
		- Storage: Azure Blob Storage
		- Authentication: Local, Facebook
		- Authentication: First Party, Facebook
		- Monitoring: Azure Application Insights
		@@ -25,113 +27,92 @@
		2. Install Express and Orion to your application and save it to package.json.
		```bash
		$ npm install --save express
		$ npm install --save orion-api
		```
		3. Create a configuration module. Please see the [configuration](#configuration) section below for
		more details.
		4. (Optional) Set up database tables based on the configuration you created (if you haven't), using
		Orion's setup.js. The script is located at the root path of the Orion module source code. It takes
		the configuration file path and the output file path as arguments.
		```bash
		$ node node_modules/orion-api/setup.js ./config.js ./setup.sql
		```
		The above command will create a SQL server query file named setup.sql that you can run on the
		database server to set up the tables.
		5. Set up server.js for the application entry point. Import Express, Orion, and the configuration
		module you created, and set up the application as follows:
		```js
		var express = require('express');
		var orion = require('orion-api');
		var config = require('./config');
		```bash
		$ npm install --save express
		$ npm install --save orion-api
		```
		3. Create a configuration module. Please see the [configuration](#configuration) section below for more details.
		4. (Optional) Set up database tables based on the configuration you created (if you haven't), using Orion's setup.js. The script is located at the root path of the Orion module source code. It takes the configuration file path and the output file path as arguments.
		```bash
		$ node node_modules/orion-api/setup.js ./config.js ./setup.sql
		```
		The above command will create a SQL server query file named setup.sql that you can run on the database server to set up the tables.
		5. Set up server.js for the application entry point. Import Express, Orion, and the configuration module you created, and set up the application as follows:
		```js
		var express = require('express');
		var orion = require('orion-api');
		var config = require('./config');

		var app = new express();
		orion.setConfig(config);
		orion.setupApiEndpoints(app);
		orion.startApiApp(app);
		```
		6. You're all set up! You can now run server.js to see your app in action. Unless you specify a port
		in the startApiApp() call, you will see your app running at port 1337.
		```bash
		$ node server.js
		$ # your app should now run at http://localhost:1337
		```
		var app = new express();
		orion.setConfig(config);
		orion.setupApiEndpoints(app);
		orion.startApiApp(app);
		```
		6. You're all set up! You can now run server.js to see your app in action. Unless you specify a port in the startApiApp() call, you will see your app running at port 1337.
		```bash
		$ node server.js
		$ # your app should now run at http://localhost:1337
		```

		## Configuration

		A configuration module is required to give the application the necessary information about your
		project. This module should specify the connection strings, authentication and authorization settings,
		user roles and access levels, and most importantly, the data models.
		A configuration module is required to give the application the necessary information about your project. This module should specify the connection strings, authentication and authorization settings, user roles and access levels, and most importantly, the data models.

		Below is the structure of a configuration module, with description for each property.
		Below is the list of settings to be included in a configuration module:
		- secretKey - (Required) Secret key string for authentication purposes.
		- salt - (Required) Salt string for encrypting passwords.
		- databaseConnectionString - (Required) Database connection string.
		- storageConnectionString - (Optional) Azure Blob Storage connection string. Required for file upload. Set to null if not applicable.
		- storageContainerName - (Optional) Azure Blob Storage account name. Required for file upload. Set to null if not applicable.
		- appInsightsKey - (Optional) Azure Application Insights key. Required for monitoring. Set to null if not applicable.
		- facebookAppSecret - (Optional) Facebook app secret. Required for Facebook authentication. Set to null if not applicable.
		- facebookAppId - (Optional) Facebook app ID. Required for Facebook authentication. Set to null if not applicable.
		- passwordReqs - (Optional) An object contianing requirements for new user passwords. Required for first party authentication. It should contian the following rules:
		- minLength - (int) Minimum number of characters in a password.
		- uppercaseChar - (true/false) Whether or not a password should contain an uppercase character.
		- lowercaseChar - (true/false) Whether or not a password should contain an lowercase character.
		- digitChar - (true/false) Whether or not a password should contain a digit character.
		- specialChar - (true/false) Whether or not a password should contain an special character.
		- roles - (Required) Array of user roles. "guest" and "owner" are special user roles that don't need to be included in this list. A "guest" role is given to an unauthenticated user, and "owner" role is given to an authenticated user who is requesting a resource that they own.
		- defaultRole - (Required) Default role assigned to authenticated user after signing up.
		- entities - (Required) An object that contains a list of data entities (tables). The object keys would be the entity names, and the object valuse would be the [entity configurations](#entity-configuration). The entity name should contain no space, and preferably be all lowercase to make it consistent with the names in the database system.

		#### Entity configuration

		The entity configuration is an object that should contain the following properties:
		- fields - (Required) An object that contains a list of fields in the entity. The object keys would be the field names and the object values would be the [field configurations](#field-configuration). Similar to entity name, the field name should also contain no space, and preferably be all lowercase to make it consistent with the names in the database system.
		- readConditionStrings - (Required) An array of rules that specify conditions to append to database read queries, to restrict access based on the requestor's roles. Each array item should follow the structure of a [read condition rule](#read-condition-rule).
		- validators - (Required) An object that contains validator functions to check whether a user has permission to execute a database create/update/delete query, based on their roles. The object keys would be the operation names (create/update/delete), and the object values would be arrays of rules. Each rule should follow the structure of a [validator function rule](#validator-function-rule).

		#### Field configuration

		#### Read condition rule

		#### Validator function rule

		#### Sample configuration

		```js
		module.exports =
		{
		// (Required) Secret key string for authentication purposes.
		secretKey: __SECRETKEY__,

		// (Required) Salt string for encrypting passwords.
		salt: __SALT__,

		// (Required) Database connection string.
		databaseConnectionString: __DB_CONNECTION_STRING__,

		// (Optional) Azure Blob Storage connection string. Required if you want to support
		// file upload. Set to null if not applicable.
		storageConnectionString: __STORAGE_CONNECTION_STRING__,

		// (Optional) Azure Blob Storage account name. Required if you want to support
		// file upload. Set to null if not applicable.
		storageContainerName: __STORAGE_CONTAINER_NAME__,

		// (Optional) Azure Application Insights key. Required if you want to support
		// monitoring. Set to null if not applicable.
		appInsightsKey: __APPLICATION_INSIGHTS_KEY__,

		// (Optional) Facebook app secret. Required if you want to support Facebook
		// authentication. Set to null if not applicable.
		facebookAppSecret: __FACEBOOK_APP_SECRET__,

		// (Optional) Facebook app ID. Required if you want to support Facebook
		// authentication. Set to null if not applicable.
		facebookAppId: __FACEBOOK_APP_ID__,

		// (Required) Requirements for new user passwords
		passwordReqs:
		{
		// (Required) Minimum character length
		minLength: 8,

		// (Required) Whether or not the password should have an uppercase character.
		uppercaseChar: false,

		// (Required) Whether or not the password should have an lowercase character.
		lowercaseChar: false,

		// (Required) Whether or not the password should have a digit character.
		digitChar: false,

		// (Required) Whether or not the password should have a special character.
		specialChar: false
		},

		// (Required) Array of user roles.
		// "guest" and "owner" are special user roles that don't need to be included in this list.
		// "guest" role is given to an unauthenticated user, and "owner" role is given to an
		// authenticated user who is requesting a resource that they own.
		roles: ["member", "admin"],

		// (Required) Default role assigned to authenticated user after signing up.
		defaultRole: "member",

		// (Required) List of data entities/tables
		entities:
		{
		// The key to each object here will be the entity name. We suggest that you use
		// singular noun form as the entity name, so it will make good sense when it is
		// is used in the endpoint URL.

		"item":
		{
		// (Required) The list of fields in the entity/table
		fields:
		@@ -203,11 +184,4 @@ {
		},

		// (Required) Condition strings to be appended to read queries, based on who is
		// requesting it. Roles that are not listed here won't have read access to the
		// entity.
		readConditionStrings:
		[
		// Each object in this array represents a rule that is applied to a certain
		// set of user roles.

		{
		@@ -227,6 +201,2 @@ // (Required) A set of user roles that this rule applies to.
		],

		// (Required) Validator functions to check if a POST/PUT/DELETE request is valid
		// based on who is requesting it. Roles that are not listed here won't have POST/
		// PUT/DELETE access to the entity.
		validators:
		@@ -233,0 +203,0 @@ {

setup.js

@@ -0,0 +0,0 @@ if (process.argv.length < 4)

orion-api - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics