REST API

Both Gravity Web and Gravity Native communicate with Gravity Server using a REST API.

The api files are located in /api

The structure of these files is simple; there are a list of endpoints that connect directly to the relevant controller method.

api.post('/api/account', use(accountController.create));

Each controller call is wrapped in a HOC (higher order component) called use. This is a middleware function that catches any errors in the controller methods, and then passes these to a global error handler – this prevents you from having to use try...catch in your application.

Protected Routes

You can protect any API route and make it accessible to only a specific user level using the auth.verify middleware method. You simply pass the user permission as a parameter.

api.get('/api/user', auth.verify('user'), use(userController.get));

Find out more about how authentication works in the next section.