Get your restify API up and running in no time :) Most of the things the boilerplate does should be self-explaining. If not: AMA
I included a custom authorization plugin, which is enabled by default. Feel free to modify its settings inside config/global.json
Making CORS work properly if you use custom headers is not always straightforward (restify / Issue #284). The boilerplate provides a helper, which takes care of MethodNotAllowed responses in conjunction with preflight requests + custom headers.
Enable via config.Security.UseAuth
Every request you make must be authenticated. The REST API uses a custom HTTP scheme based on a keyed-HMAC (Hash Message Authentication Code) for authentication.
The value of the Authorization header is as follows:
Authorization: <Config/Security/Scheme> <AccessKey>:<Signature(Base64(HMAC-SHA1(UTF-8(<String to Sign>), UTF-8(<SecretAccessKey>))))>
AccessKey: Provided by config/global.json
SecretAccessKey: Provided by config/global.json
String to Sign: Value of the <Config/Security/StringToSign> header
You can find an example in the examples/client branch.
Enable via config.Security.UseACL
The Boilerplate now supports ACL via node_acl. Take a look at config/global.json for configuration ...
By default node-bunyan is used for logging to a file (./logs/{{NODE_ENV}}-{{SERVER:NAME}}.log). Additionally sending logs to Loggly is supported (take a look at the config file).
NODE_ENV is not yet used to allow different configurations for development / production. The only thing it does is disabling the Auth- and CORS-Plugin in development.
$ NODE_ENV=production node server
vs.
$node server