import models from "../../../lib/models.mjs"; export default async function (fastify, opts) { fastify.register(async function secureApiContext(secureApiScope) { // check API token secureApiScope.addHook('onRequest', async (request, reply) => { if (!request.headers.authorization) { reply.code(401).send({ error: 'Unauthorized: missing Authorization header' }); return; } const token = Object.values(await models.apiToken.getAll()).find(t => t.token === request.headers.authorization.replace('Bearer ', '')); if (!token) { reply.code(403).send({ error: 'Forbidden: invalid Token' }); return; } }); // check requested Model Type secureApiScope.addHook('onRequest', async (request, reply) => { if (!request.params.modelType) { reply.code(400).send({ error: 'Bad Request: missing Model Type' }); } if (!models[request.params.modelType]) { reply.code(404).send({ error: 'Unavailable: requested Model is not available' }); } }); secureApiScope.get("/:modelType", async function (request, reply) { const objects = await models[request.params.modelType].getAll(); reply.send(objects); }); secureApiScope.post("/:modelType", async function (request, reply) { try { const newObject = await models[request.params.modelType].create(request.body); reply.send(newObject); } catch (error) { reply.code(500).send({ error: error.message }); } }); secureApiScope.get("/:modelType/:resourceId", async function (request, reply) { const object = await models[request.params.modelType].getById(request.params.resourceId); if (object) { reply.send(object); } else { reply.code(404).send({ error: 'Unavailable: requested Object is not available' }); } }); secureApiScope.patch("/:modelType/:resourceId", async function (request, reply) { }); secureApiScope.delete("/:modelType/:resourceId", async function (request, reply) { }); }); }