Refactoring of api routes

pkg/api/api.go

@@ -7,61 +7,61 @@ import (
 	"github.com/torkelo/grafana-pro/pkg/setting"
 )
 
+// Register adds http routes
 func Register(m *macaron.Macaron) {
 	auth := middleware.Auth()
 
-	// index
+	// not logged in views
 	m.Get("/", auth, Index)
 	m.Post("/logout", LogoutPost)
 	m.Post("/login", LoginPost)
-
-	// login
 	m.Get("/login/:name", OAuthLogin)
 	m.Get("/login", Index)
 
-	// account
+	// authed views
 	m.Get("/account/", auth, Index)
-	m.Get("/api/account/", auth, GetAccount)
+	m.Get("/account/datasources/", auth, Index)
-	m.Post("/api/account/collaborators/add", auth, AddCollaborator)
-	m.Post("/api/account/using/:id", auth, SetUsingAccount)
-	m.Get("/api/account/others", auth, GetOtherAccounts)
-
-	// Token
-	m.Get("/api/tokens/list", auth, GetTokens)
-	m.Put("/api/tokens", auth, AddToken)
-	m.Post("/api/tokens", auth, UpdateToken)
-	m.Delete("/api/tokens/:id", auth, DeleteToken)
-
-	// data sources
-	m.Get("/acount/datasources/", auth, Index)
-	m.Get("/api/datasources/list", auth, GetDataSources)
-	m.Put("/api/datasources", auth, AddDataSource)
-	m.Post("/api/datasources", auth, UpdateDataSource)
-	m.Delete("/api/datasources/:id", auth, DeleteDataSource)
-
-	// system admin
 	m.Get("/admin", auth, Index)
+	m.Get("/dashboard/*", auth, Index)
 
-	// data source proxy
+	// sign up
-	m.Any("/api/datasources/proxy/:id/*", auth, ProxyDataSourceRequest)
-
-	// User sign up
 	m.Get("/signup", Index)
 	m.Post("/api/account/signup", SignUp)
 
-	// dashboards
+	// authed api
-	m.Get("/dashboard/*", auth, Index)
+	m.Group("/api", func() {
-	m.Get("/api/dashboards/:slug", auth, GetDashboard)
+		// account
-	m.Get("/api/search/", auth, Search)
+		m.Group("/account", func() {
-	m.Post("/api/dashboard/", auth, PostDashboard)
+			m.Get("/", GetAccount)
-	m.Delete("/api/dashboard/:slug", auth, DeleteDashboard)
+			m.Post("/collaborators/add", AddCollaborator)
+			m.Post("/using/:id", SetUsingAccount)
+			m.Get("/others", GetOtherAccounts)
+		})
+		// Token
+		m.Group("/tokens", func() {
+			m.Combo("/").Get(GetTokens).Put(AddToken).Post(UpdateToken)
+			m.Delete("/:id", DeleteToken)
+		})
+		// Data sources
+		m.Group("/datasources", func() {
+			m.Combo("/").Get(GetDataSources).Put(AddDataSource).Post(UpdateDataSource)
+			m.Delete("/:id", DeleteDataSource)
+			m.Any("/proxy/:id/*", auth, ProxyDataSourceRequest)
+		})
+		// Dashboard
+		m.Group("/dashboard", func() {
+			m.Combo("/:slug").Get(GetDashboard).Delete(DeleteDashboard)
+			m.Post("/", PostDashboard)
+		})
+		// Search
+		m.Get("/search/", Search)
+		// metrics
+		m.Get("/metrics/test", auth, GetTestMetrics)
+	}, auth)
 
 	// rendering
 	m.Get("/render/*", auth, RenderToPng)
 
-	// metrics
-	m.Get("/api/metrics/test", auth, GetTestMetrics)
-
 	m.NotFound(NotFound)
 }
 
@@ -89,6 +89,11 @@ func Index(c *middleware.Context) {
 }
 
 func NotFound(c *middleware.Context) {
+	if c.IsApiRequest() {
+		c.JsonApiErr(200, "Not found", nil)
+		return
+	}
+
 	if err := setIndexViewData(c); err != nil {
 		c.Handle(500, "Failed to get settings", err)
 		return

pkg/middleware/auth.go

@@ -2,25 +2,25 @@ package middleware
 
 import (
 	"errors"
-	"github.com/Unknwon/macaron"
-	"github.com/macaron-contrib/session"
 	"strconv"
 	"strings"
 
+	"github.com/Unknwon/macaron"
+
 	"github.com/torkelo/grafana-pro/pkg/bus"
 	m "github.com/torkelo/grafana-pro/pkg/models"
 	"github.com/torkelo/grafana-pro/pkg/setting"
 )
 
-func authGetRequestAccountId(c *Context, sess session.Store) (int64, error) {
+func authGetRequestAccountId(c *Context) (int64, error) {
-	accountId := sess.Get("accountId")
+	accountId := c.Session.Get("accountId")
 
 	urlQuery := c.Req.URL.Query()
 
 	// TODO: check that this is a localhost request
 	if len(urlQuery["render"]) > 0 {
 		accId, _ := strconv.ParseInt(urlQuery["accountId"][0], 10, 64)
-		sess.Set("accountId", accId)
+		c.Session.Set("accountId", accId)
 		accountId = accId
 	}
 
@@ -36,6 +36,10 @@ func authGetRequestAccountId(c *Context, sess session.Store) (int64, error) {
 }
 
 func authDenied(c *Context) {
+	if c.IsApiRequest() {
+		c.JsonApiErr(401, "Access denied", nil)
+	}
+
 	c.Redirect(setting.AppSubUrl + "/login")
 }
 
@@ -61,8 +65,8 @@ func authByToken(c *Context) {
 	c.Account = usingQuery.Result
 }
 
-func authBySession(c *Context, sess session.Store) {
+func authBySession(c *Context) {
-	accountId, err := authGetRequestAccountId(c, sess)
+	accountId, err := authGetRequestAccountId(c)
 
 	if err != nil && c.Req.URL.Path != "/login" {
 		authDenied(c)
@@ -86,10 +90,10 @@ func authBySession(c *Context, sess session.Store) {
 }
 
 func Auth() macaron.Handler {
-	return func(c *Context, sess session.Store) {
+	return func(c *Context) {
 		authByToken(c)
 		if c.UserAccount == nil {
-			authBySession(c, sess)
+			authBySession(c)
 		}
 	}
 }

pkg/middleware/middleware.go

@@ -3,6 +3,7 @@ package middleware
 import (
 	"encoding/json"
 	"strconv"
+	"strings"
 
 	"github.com/Unknwon/macaron"
 	"github.com/macaron-contrib/session"
@@ -62,6 +63,10 @@ func (ctx *Context) JsonOK(message string) {
 	ctx.JSON(200, resp)
 }
 
+func (ctx *Context) IsApiRequest() bool {
+	return strings.HasPrefix(ctx.Req.URL.Path, "/api")
+}
+
 func (ctx *Context) JsonApiErr(status int, message string, err error) {
 	resp := make(map[string]interface{})