routes.js

const controller = (name, method) => require(`./controllers/${name}`)[method]
const param = name => require(`./params/${name}`)

const AuthServer = require('domain/auth/AuthServer')
const { env, config } = require('bootstrap')

const Router = require('@koa/router')
const multer = require('@koa/multer')
const upload = multer({ dest: '/tmp/' })
const attach = require('koa-mount')

const context = require('http/middleware/ThreadContextWrapper')
const errors = require('http/middleware/ErrorHandler')
const includes = require('http/middleware/ParseIncludes')
const profiling = require('http/middleware/Profiler')
const loaders = require('http/middleware/MountLoaders')
const userGate = require('http/middleware/RequiresAuth')
const authRedirect = require('http/middleware/RedirectToLogin')
const device = require('http/middleware/DeviceProperties').extractDevice
const safemode = require('http/middleware/SafeModeBlock')

const createOIDCServer = require('domain/auth/oidc/OIDCServer')

const v2 = require('./routers/routes_v2')

const well_known = new Router({ prefix: '/.well-known' })
well_known.get('wk.jwks', '/jwks.json', async ctx => {
	const { getJWKS } = require('core/utils/jwt')
	ctx.set('Cache-Control', `public, max-age=30`)

	ctx.body = await getJWKS()
})
well_known.get('wk.oidc', '/openid-configuration', controller('oidc', 'mapRoutes'))

const web = new Router()
web.use(profiling)
web.use(device)

web.all('/test/oidc', ctx => {
	ctx.body = {
		body: ctx.request.body,
		query: ctx.request.query,
		headers: ctx.request.headers,
	}
})

web.use(well_known.allowedMethods())
web.use(well_known.routes())

web.all('/oidc/i/:uid', controller('oidc', 'interaction'))
web.all('/oidc/i/:uid/login', controller('oidc', 'handleLogin'))
web.all('/oidc/i/:uid/confirm', controller('oidc', 'confirm'))
web.all('/oidc/i/:uid/reject', controller('oidc', 'reject'))
web.all(/^\/oidc\/.*/, controller('oidc', 'mapRoutes'))

web.get('/login', controller('auth', 'showLogin'))
web.post('/login', controller('auth', 'login'))
web.get('/logout', controller('auth', 'logout'))

web.get('/reset-password', controller('auth', 'resetPassword'))
web.post('/reset-password', controller('auth', 'handleResetPassword'))

web.get('/auth/authorize', authRedirect, AuthServer.authorize)
web.post('/auth/authorize', AuthServer.authorize)
web.post('/auth/token', AuthServer.token)
env('FS_DRIVER', 'local') === 'local' &&
	(function () {
		const debug = require('debug')('server:routes')
		debug('Mounting local file upload routes for signed URLs')
		const p = `${config('fs.url')}/:uid/:fid`

		web.put(
			p,
			errors,
			includes,
			loaders,
			userGate,
			upload.single('file'),
			controller('fs_local', 'uploadFile'),
		)
		web.get(p, errors, includes, loaders, controller('fs_local', 'serveFile'))

		debug(`Mounted GET ${p} to serve local files`)
		debug(`Mounted PUT ${p} to upload local files`)
	})()

const apiRouter = new Router({ prefix: '/api' })
const apiLegacy = new Router({ prefix: '/api/api' })

function mount(api) {
	api.use(context)
	api.use(profiling)
	api.use(errors)
	api.use(includes)
	api.use(loaders)
	api.use(device)

	api.get('/', ctx => {
		const pkg = require('../../package.json')
		ctx.body = {
			name: 'Jetsam Data API',
			version: pkg.version,
			prefix: ctx.path,
		}
	})

	api.post('/metrics', safemode, controller('api/content', 'postMetric'))
	api.get('/metrics', controller('api/content', 'getWithin'))

	api.get('/images', controller('api/storage', 'getFiles'))
	api.post(
		'/images',
		safemode,
		upload.single('featured_image'),
		controller('api/storage', 'saveFile'),
	)
	api.post(
		'/images/:imageId/feature',
		safemode,
		controller('api/storage', 'featureImage'),
	)

	/** @deprecated */
	api.post(
		'/feature',
		safemode,
		upload.single('featured_image'),
		controller('api/storage', 'saveFile'),
	)

	api.get('/feed', controller('api/storage', 'feed'))
	api.post('/feed/:fileId/like', safemode, controller('api/storage', 'like'))
	api.post('/feed/:fileId/unlike', safemode, controller('api/storage', 'unlike'))

	api.post('/register', safemode, controller('api/auth', 'register'))
	api.post('/login', controller('api/auth', 'login'))

	api.post('/auth/reset-token', safemode, controller('api/auth', 'triggerPasswordReset'))
	api.post(
		'/auth/reset-password',
		safemode,
		controller('api/auth', 'handlePasswordReset'),
	)

	api.param('oauthClientId', param('oauth_client'))

	api.get('/oauth/clients', controller('api/oauth', 'listClients'))
	api.post('/oauth/clients', safemode, controller('api/oauth', 'createClient'))
	api.post(
		'/oauth/clients/:oauthClientId/redirects',
		safemode,
		controller('api/oauth', 'addClientRedirect'),
	)
	api.delete(
		'/oauth/clients/:oauthClientId/redirects',
		safemode,
		controller('api/oauth', 'removeClientRedirect'),
	)

	api.get('/self', controller('api/user', 'self'))
	api.get('/self/bundles', controller('api/app', 'getBundles'))
	api.put('/self/:property', safemode, controller('api/user', 'updateOne'))

	api.post('/an/id', async ctx => {})
	api.post('/an/ev', safemode, controller('api/analytics', 'track'))

	api.post('/feedback', safemode, controller('api/feedback', 'send'))

	api.use(v2.allowedMethods())
	api.use(v2.routes())
}

mount(apiRouter)
mount(apiLegacy)

module.exports = {
	web,
	apiRouter,
	apiLegacy,
}