This document outlines the architecture and components of the OpenBazaar APIs.
jsonAPIHandler - JSONAPIConfig - OpenBazaarNode
Create a New JSON API Handler
- Set allowed IP addresses for the API
- Create a new handler with all the settings
- Grab the URL path
- Check if API is enabled and an allowed path and 403 if bad
- Check for unauthorized calls and send 403
- Configure CORS if necessary
- Set HTTPHeaders (optional)
- If authentication is enabled
- If no username or password is set try to get authentication cookie from the request
- Check if the request method is OPTIONS and return a 200 if it is.
- If not then check username and password
- Cancel this function if the request is a pre-flighted OPTIONS request
- Delete Cooke and Authorization headers from the request before logging because we don’t want those values stored in logs
- Log the API request to the api.log file
- Add application/json header of Content-Type
- Pass off call to handler based on method type (i.e. GET, POST, DELETE)
This file collates all of the routes for API calls, organized by request method type.