v1.1.0 - 2020-12-17
onAuth, onAction, onReturn functions to global options.
v1.0.0 - 2020-12-10
Decaffeinated project, added ecmascript support, expanded usage of roleRequired
to allow setting of scope (or group).
v0.8.12 - 2017-01-23
- Support for SHA-256 hashed passwords sent from client in the default login endpoint
- PATCH support for default collection endpoints
- Allow custom error responses to be returned from custom auth functions by providing an
error
value in return object
- Bcrypt build error (required upgrade of
accounts-password
dependency to v1.3.3)
v0.8.11 - 2016-06-16
- Allow null or undefined to be returned from endpoint function when HTTP response is handled manually (#135)
v0.8.10 - 2016-03-28
- Add result from
onLoggedOut
hook todata.extra
field (#196) - Remove the default
onLoggedIn
andonLoggedOut
hooks that returned an empty object (docs incorrectly listed them asundefined
, but the result was not being used prior to v0.8.9)
v0.8.9 - 2016-03-14
- Add result from
onLoggedIn
hook todata.extra
field (#194)
v0.8.8 - 2016-03-10
- Update to the latest version of
simple:json-routes
(v2.1.0)- Resolves errors when using alongside Iron Router (#185)
v0.8.7 - 2016-02-24
- Declare dependency on accounts-password (#169)
v0.8.6 - 2016-02-24
- Update to the latest version of
simple:json-routes
(v2.0.1)
v0.8.5 - 2016-02-24
- Remove
Route
class from global namespace (#170)
v0.8.4 - 2015-08-18
- Default OPTIONS endpoint when CORS is enabled (#99)
- Enable CORS with default authentication when both are configured (#99)
v0.8.3 - 2015-08-12
- Accept explicit
username
oremail
in default login endpoint (#121)
v0.8.2 - 2015-08-05
- Update
simple:json-routes
to v1.0.4 to remove Connect deprecation warnings (#118)
v0.8.1 - 2015-07-07
- Default logout endpoint at
POST /api/logout
- Default logout endpoint at
GET /api/logout
(#100)- Will be removed in v1.0
- Use
POST /api/logout
instead
v0.8.0 - 2015-07-06
WARNING! API-breaking changes! Please be aware when upgrading!
Note: API-breaking changes are in bold
- Support API versioning via URL path
- API configuration option for defining a default OPTIONS endpoint (used on
any route that doesn't define it's own OPTIONS endpoint):
defaultOptionsEndpoint
- Export Restivus as a "class" instead of an object
- Replace Iron Router with [JSON Routes] (https://github.com/stubailo/meteor-rest/tree/master/packages/json-routes)! (#38)
- Return standard response codes in any autogenerated endpoints (#48)
201
: Resource created (inPOST
collection endpoints)403
: Role permission errors405
: API method not found (but route exists)
- Remove dependency on
useAuth
API config option for endpoint authentication (#49)
useAuth
API config option (replaced withuseDefaultAuth
to better reflect it's purpose, which is to generate the default auth endpoints)
- Iron Router related issues
- Issue #91: Return a
401
error when auth info is not provided in endpoint requiring default auth (previously returned500
error)
deleteAll
collection endpoint (it had the potential to be quite destructive - #47)Restivus.configure()
(configuration now available via Restivus constructor)
v0.7.1 - 2015-07-01
- Issue #95: On 401 and 403 errors, Restivus should wait before sending any data
v0.7.0 - 2015-06-18
WARNING! Potentially breaking changes! Please be aware when upgrading!
- Update default auth endpoints to match current Accounts token storage (#79)
- WARNING! All clients consuming a Restivus API with the default authentication will need to reauthenticate after this update
- Login token is now stored as
hashedToken
instead oftoken
- Return
401 Unauthorized
for failed authentication - When logging in with bad credentials, randomly delay the response (#81)
- Declare dependency on
accounts-base
package
v0.6.6 - 2015-05-25
- Improve the Contributing Guidelines
- Tighten up some conventions
- Add more detailed information
- Issue #68: Make Restivus a server-only package (
Restivus
is nowundefined
on the client)
v0.6.5 - 2015-04-27
- Include an endpoint's configuration options [in its context] (https://github.com/kahmali/meteor-restivus#thisendpointoption)
- Allow default response headers to be configured
- Allow CORS to be disabled in API config (using [
enableCors
] (https://github.com/kahmali/meteor-restivus#enablecors) option)- Resolves Issue #39
- Default response Content-Type is now
application/json
instead oftext/json
- This shouldn't have any effect on existing APIs. Updating to match standard JSON type, according to RFC 4627.
- Issue #32: Prevent non-JSON response types from being wrapped in quotes
- This bug required clients to do additional parsing of non-JSON types (removing quotes and escaped characters)
v0.6.4 - 2015-04-14
- Configuration option to disable Iron Router on the client (resolves Issue #24)
- Allow API to be configured and added to before Meteor starts (previously required within
Meteor.startup()
)
v0.6.3 - 2015-04-03
- Issue #20: Allow manual response in endpoints using underlying Node response object.
v0.6.2 - 2015-03-04
- Issue #14: Prevent endpoints from being generated for any
excludedEndpoints
configured on collection routes (previously generated when no options were configured for anyendpoints
). - Restivus.configure() is now bound to the Restivus object context
v0.6.1 - 2015-02-19
WARNING! API-breaking changes! Please be aware when upgrading!
- Allow existing collections to be added to API
- v0.6.0 did not allow you to work with existing collections, or access collections created in
Restivus elsewhere in your app, which is not the intended behavior. Since Meteor expects you to
construct each collection only once (using
new Mongo.Collection()
), and store that globally, Restivus now requires that you pass an existing collection inRestivus.addCollection()
, in place of the name.
- v0.6.0 did not allow you to work with existing collections, or access collections created in
Restivus elsewhere in your app, which is not the intended behavior. Since Meteor expects you to
construct each collection only once (using
v0.6.0 - 2015-02-17
WARNING! Do not use v0.6.0! Please upgrade to v0.6.1 or above. WARNING! API-breaking changes! Please be aware when upgrading!
Restivus.addCollection()
method for generating CRUD endpoints for Mongo Collections. Please see README for detailed information on defining collection routes in Restivus.
- Rename
Restivus.add()
toRestivus.addRoute()
for clarity, now thatRestivus.addCollection()
has been added to API. Warning! This is an API-breaking change! - Convert all responses generated by Restivus to JSend format. Warning! This is an API-breaking change!
- README
- Update and refactor README to include detailed information on new collection route features, including code examples and an all-new Quick Start example that also highlights the new Restivus.addCollection() method.
- Add "Terminology" section to the README for clarification on a few key terms that are heavily used throughout the docs
- Add section on upgrading from v0.5.x
v0.5.9 - 2015-02-16
- Allow user-defined OPTIONS endpoints on routes
- README
- Show support for OPTIONS endpoints in description and code examples in the Defining Endpoints section of README
v0.5.8 - 2015-02-11
- The following options have been added in
Restivus.configure()
to allow for custom user authentication on endpoints (see Configuration Options for a much more detailed breakdown):auth.token
: The path to the auth token in theMeteor.user
documentauth.user
: A function providing one of two levels of authentication, depending on the data it returns. Once the user authentication completes successfully, the authenticated user and their ID will be attached to the endpoint context.
- README
- Add
auth.token
andauth.user
to Configuration Options
- Add
v0.5.7 - 2015-02-02
- README
- Update Quick Start examples so Restivus is configured and built from within the Meteor.startup() callback
- Add "Important!" note in the Configuration and Defining Routes sections that these must be done within the Meteor.startup() callback
- Resolve and configure endpoints in Route.addToApi() instead of Route constructor so that endpoints are never configured until the API has been configured (with Restivus.configure()). This was causing unexpected behavior in routes that were added before the API was configured, such as authentication not being checked when necessary (so this.user and this.userId were undefined in authenticated endpoints).
v0.5.6 - 2015-01-31
- Issue #2: Make Restivus._initAuth() private only by convention for proper context. Context was accidentally altered when refactoring Restivus into a class in latest update.
v0.5.5 - 2015-01-30
- User role permissions for limiting access to endpoints (works alongside the
alanning:roles
package)
- Resolve and configure endpoints during Route construction, to prevent a bunch of unnecessary processing every time an endpoint was being accessed. This should yield at least a minor performance gain on all endpoints.
- Refactor Route and Restivus into CoffeeScript classes
- README
- Add info on setting up role permissions to Route Options and Defining Endpoints sections
- Update Quick Start example to show definition of role permissions on an endpoint
v0.5.4 - 2015-01-27
- Issue #1: The default api path ('api/') is used if no apiPath is provided in Restivus.configure() (would previously crash Meteor).
- Only a
config.apiPath
that is missing the trailing '/' will have it appended during API configuration
v0.5.3 - 2015-01-15
- Access
this.userId
within authenticated endpoints
- README
- Add
this.userId
to Endpoint Context - Specify context in
onLoggedIn
andonLoggedOut
hooks
- Add
- Context in onLoggedIn and onLoggedOut hooks is now the same as within an authenticated endpoint
v0.5.2 - 2015-01-14
- Support pretty JSON in API configuration
- README
- Show endpoint object in 'Quick Start' code examples
- Restructure topic hierarchy
- Change 'Route Structure' section to 'Path Structure' and reword for consistent use of terminology
- Add
prettyJson
to Configuration Options
- Prevent endpoint from being called if authentication fails (and return 401)
v0.5.1 - 2015-01-10
- Allow cross-domain requests to API from browsers (CORS-compliant)
- README
- Clean up code examples
- Add section on documenting API with apiDoc
- Specify supported Meteor version
- Add section on default http response configuration
- Make it more readable in plain-text format
- Terminology (in code, comments, and README)
Method
: The type of HTTP request (e.g., GET, PUT, POST, etc.)Endpoint
: The function executed when a request is made at a given path for a specific HTTP methodRoute
: A path and a set of endpoints
Content-Type
header in endpoint response will default totext/json
if not overridden by user
v0.5.0 - 2015-01-04
- Initial release