EPIC-API-v2/config.ru.example at master · fberber/EPIC-API-v2 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#\ --host YOUR_IP --port YOUR_PORT --server mizuno

=begin License
  Copyright ©2011-2012 Pieter van Beek <pieterb@sara.nl>

  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
=end


$LOAD_PATH.unshift 'src'
require 'epic.rb'


# The default configuration uses Rack::Chunked to allow streaming of response
# bodies. Using this middleware, we don't have to specify a +Content-Length+
# header.
require 'rack/chunked'
use Rack::Chunked


# This middleware is only used during development, and should be disabled in
# production services. It checks if the source code has changed since the last
# request, and reloads the new source code when needed.
#
# This works _most_ of the time, but can lead to unexpected results too...
# If you're debugging the service, make sure you don't accidentally chase
# phantom bugs introduced by dynamically reloading source files!

###<<<<<<<<<<<<<<<<<<<<<<------PERFORMANCE-------->>>>>>>>>>>>>>>>>>>>>>####
##									  ##
## 		ACTIVATING THIS LEADS TO 				  ##
##		PERIODICALLY RELOAD OF ALL 				  ##
## 		SOURCES AT PERFORMANCE'S EXPENSE			  ##
##									  ##
##		#require 'rack/reloader'				  ##
##		#use Rack::Reloader, 1				          ##
##									  ##
######----------------------------------------------------------------######

# Check the documentation. This is just an optional bit of optimization.
use Rack::Sendfile


# Some parts of the namespace are not dynamically generated from ruby scripts,
# but just served statically from the filesystem.
# This includes stuff like CSS files, the favicon etc.
use Rack::Static,
  :urls  => ['/inc/', '/favicon.ico', '/docs/'],
         #~ %r{/(templates|profiles)/\d+/.+}],
         #~ ['/inc', '/docs'],
  :root  => 'public',
  :index => nil


# When run behind an Apache reverse proxy server, the original request scheme
# (http or https) gets lost. This config works around this for epic_1.0.0:
# This config also sends the environment to the logging in order to create Messages there
use Rack::Config do
  |env|
  env['HTTP_X_FORWARDED_SSL'] = 'on'
end


# This middleware allows our web service to provide _relative_ _URI's_ in the
# +Location:+ response header. According to RFC2616 (HTTP/1.1) only absolute
# URI's are allowed. This middleware translates our relative URI's to absolute
# URI's, given the request path.
#
# Warning: The web service depends on this middleware being present!
require 'rackful/middleware/relative_location'
use Rackful::RelativeLocation


# As said, the distribution comes with HTTP Digest authentication preconfigured.
# The example of HTTP Basic Auth shows the usage of the logging in order to detect failed accesses.
#use Rack::Auth::Digest::MD5, {
#    :realm => EPIC::REALM, :opaque => EPIC::OPAQUE, :passwords_hashed => true
#  } do
#  |username|
#  username = username.to_str
#  EPIC::USERS[username] ? EPIC::USERS[username][:digest] : nil
#end
use Rack::Auth::Basic do
  |username, password|
  result =
    EPIC::USERS[username] && (
      EPIC::USERS[username][:digest] == Digest::MD5.hexdigest(
        [ username, EPIC::REALM, password ] * ':'
      ).to_s
    )
  result
end


# Perform header spoofing.
#
# This allows users to provide HTTP headers in query parameters to the service.
# This can be handy when you're using a web browser to contact the service.
# For example, to retrieve a JSON response instead of the "default" XHTML, you'd
# normally send an +Accept:+ request header.
#
# With the following middleware in place, you can also append
# +?_http_accept=application/json+ to the URL.
require 'rackful/middleware/header_spoofing'
use Rackful::HeaderSpoofing

# Run a config check before starting up the webserver.
# If Logcheck fails, then stop with an exception.
# This prevents the server from crashing, if wrong config settings are applied while being productive.
require "epic_checkconfig.rb"
check_config = EPIC::CheckConfig.instance()

# And finally, let's start the actual web service:
# +epic.rb+ is the top level include file for the EPIC web service.
# All other necessary files are included from there.
run Rackful::Server.new( EPIC::ResourceFactory.instance )