Build-in UnityBase endpoints. Are registered during UB.start

In addition to endpoints documented below endpoints ubql, stat, auth, logout and timeStamp are implemented inside native code (will be moved to JavaScript in future releases).


# clientRequireEp (reqTHTTPRequest, respTHTTPResponse) inner

The clientRequire endpoint. Used by client side loaders (SystemJS for example) to emulate commonJS require

Security note: It is very important to prevent loading a server-side logic to the client - server-side logic MUST be hidden from clients

To do this clientRequire endpoint:

  • allow access only to modules inside application node_modules folder
  • in case requested module is a UnityBase model (present in ubConfig.json) then restrict access to non-public part of such model

So developer should list all the modules that contain a sensitive server-side business logic inside the application config and set a moduleName parameter correctly for such models.

On the production where nginx is used as a reverse proxy requests to /clientRequire is intercepted by nginx and returns a static file previously linked by ubcli linkStatic command, which uses the same resolve algorithm as described above


# getAppInfoEp (reqTHTTPRequest, respTHTTPResponse) inner

The getAppInfo endpoint. Responsible for return a information about application required for a initial client side connectivity and UI setup


# getDomainInfoEp (reqTHTTPRequest, respTHTTPResponse) inner

The getDomainInfo endpoint. Return JSON representation of application Domain according to caller rights


# modelsEp (reqTHTTPRequest, respTHTTPResponse) inner

The models endpoint. Responsible for return a static files content from a model publicPath folders

For example request GET http://host:port/models/modelName/fileName will return a file from a public folder of a model modelName


# restEp (reqTHTTPRequest, respTHTTPResponse) inner

Execute entity level method with direct access to the HTTP request and response. Client calls such methods using POST /rest/entityCode/methodCode.

The main purpose is to create an entity-level method what accept a binary request body or returns a binary response

REST methods handler is called with 3 parameters: (ctxt: null, req: THTTPRequest, resp: THTTPResponse) and should fill a resp object props properly.

Endpoint verify user has access to method.

      // define entity method what can be called either using `/rest` or usong `/ubql`
me.getCertificate = function (ctxt, req, resp) {
  let certID
  if (req) { // endpoint is called as rest/uba_usercertificate/getCertificate?ID=1231
    if (!req.parsedParameters.ID) {
      return resp.badRequest('Missed ID; Expext URL to be rest/uba_usercertificate/getCertificate?ID=1231')
    certID = req.parsedParameters.ID
  } else {
    certID = ctxt.mParams.ID
  const store = UB.Repository('uba_usercertificate')
    .attrs(['ID', 'certificate'])
    .where('ID', '=', certID).select()
  if (store.eof) throw new Error('not found')

  let certificate = store.getAsBuffer('certificate')
  if (req) { // called as rest
    resp.writeHead('Content-Type: application/x-x509-user-cert')
    resp.statusCode = 200
  } else {
    certificate = Buffer.from(certificate)
    certificate = certificate.toString('base64')
    ctxt.dataStore.initialize({ fieldCount: 1, values: ['certificate', certificate], rowCount: 1 })

// on client side
// call using rest:
const certResp = await UB.connection.get('/rest/uba_usercertificate/getCertificate?ID=334607980199937')
const certBin =
// call using ubql:
const certResp = await UB.connection.query({entity: 'uba_usercertificate', method: 'getCertificate', ID:334607980199937})
const certBase64 =[0][0]

# staticEp (reqTHTTPRequest, respTHTTPResponse) inner

Default endpoint. Will be called in case URL do not start form a known endpoint. Current implementation will handle static files from ServerConfig.HTTPServer.inetPub folder