The App object represents a Loopback application.

The App object extends Express and supports Express / Connect middleware. See Express documentation for details.

var loopback = require('loopback');
var app = loopback();

app.get('/', function(req, res){
  res.send('hello world');
});

app.listen(3000);

Initialize an application from an options object or a set of JSON and JavaScript files.

This function takes an optional argument that is either a string or an object.

If the argument is a string, then it sets the application root directory based on the string value. Then it:

1. Creates DataSources from the datasources.json file in the application root directory.
2. Creates Models from the models.json file in the application root directory.

If the argument is an object, then it looks for model, dataSources, and appRootDir properties of the object. If the object has no appRootDir property then it sets the current working directory as the application root directory. Then it:

1. Creates DataSources from the options.dataSources object.
2. Creates Models from the options.models object.

In both cases, the function loads JavaScript files in the /models and /boot subdirectories of the application root directory with require().

NOTE: mixing app.boot() and app.model(name, config) in multiple files may result in models being undefined due to race conditions. To avoid this when using app.boot() make sure all models are passed as part of the models definition.

Throws an error if the config object is not valid or if boot fails.

Model Definitions

The following is example JSON for two Model definitions: "dealership" and "location".

{
  "dealership": {
    // a reference, by name, to a dataSource definition
    "dataSource": "my-db",
    // the options passed to Model.extend(name, properties, options)
    "options": {
      "relations": {
        "cars": {
          "type": "hasMany",
          "model": "Car",
          "foreignKey": "dealerId"  
        }
      }
    },
    // the properties passed to Model.extend(name, properties, options)
    "properties": {
      "id": {"id": true},
      "name": "String",
      "zip": "Number",
      "address": "String"
    }
  },
  "car": {
    "dataSource": "my-db"
    "properties": {
      "id": {
        "type": "String",
        "required": true,
        "id": true
      },
      "make": {
        "type": "String",
        "required": true
      },
      "model": {
        "type": "String",
        "required": true
      }
    }
  }
}

Register a connector.

When a new data-source is being added via app.dataSource, the connector name is looked up in the registered connectors first.

Connectors are required to be explicitly registered only for applications using browserify, because browserify does not support dynamic require, which is used by LoopBack to automatically load the connector module.

Define a DataSource.

Enable swagger REST API documentation.

Note: This method is deprecated. Use loopback-explorer instead.

Options

• basePath The basepath for your API - eg. 'http://localhost:3000'.

Example

// enable docs
app.docs({basePath: 'http://localhost:3000'});

Run your app then navigate to the API explorer. Enter your API basepath to view your generated docs.

Enable app wide authentication.

Listen for connections and update the configured port.

When there are no parameters or there is only one callback parameter, the server will listen on app.get('host') and app.get('port').

// listen on host/port configured in app config
app.listen();

Otherwise all arguments are forwarded to http.Server.listen.

// listen on the specified port and all hosts, ignore app config
app.listen(80);

The function also installs a listening callback that calls app.set('port') with the value returned by server.address().port. This way the port param contains always the real port number, even when listen was called with port number 0.

Define and attach a model to the app. The Model will be available on the app.models object.

var Widget = app.model('Widget', {dataSource: 'db'});
Widget.create({name: 'pencil'});
app.models.Widget.find(function(err, widgets) {
  console.log(widgets[0]); // => {name: 'pencil'}
});

Get the models exported by the app. Returns only models defined using app.model()

There are two ways to access models:

1. Call app.models() to get a list of all models.

var models = app.models();

models.forEach(function (Model) {
 console.log(Model.modelName); // color
});

**2. Use app.model to access a model by name. app.model has properties for all defined models.

The following example illustrates accessing the Product and CustomerReceipt models using the models object.

var loopback = require('loopback');
 var app = loopback();
 app.boot({
  dataSources: {
    db: {connector: 'memory'}
  }
});

app.model('product', {dataSource: 'db'});
app.model('customer-receipt', {dataSource: 'db'});

// available based on the given name
var Product = app.models.Product;

// also available as camelCase
var product = app.models.product;

// multi-word models are avaiable as pascal cased
var CustomerReceipt = app.models.CustomerReceipt;

// also available as camelCase
var customerReceipt = app.models.customerReceipt;

Get all remote objects.

Lazily load a set of remote objects.

NOTE: Calling app.remotes() more than once returns only a single set of remote objects.

Main entry for LoopBack core module. It provides static properties and methods to create models and data sources. The module itself is a function that creates loopback app. For example,

var loopback = require('loopback');
var app = loopback();

Attach any model that does not have a dataSource to the default dataSource for the type the Model requests

Create a data source with passing the provided options to the connector.

Create a named vanilla JavaScript class constructor with an attached set of properties and options.

Get the default dataSource for a given type.

Look up a model class by name from all models created by loopback.createModel()

Look up a model class by the base model class. The method can be used by LoopBack to find configured models in models.json over the base model.

Get an in-memory data source. Use one if it already exists.

Add a remote method to a model.

Set the default dataSource for a given type.

Create a template helper.

var render = loopback.template('foo.ejs');
var html = render({foo: 'bar'});

The built in loopback.Model.

Check if the given access token can invoke the method

Get the Application the Model is attached to.

Get the Model's RemoteObjects.

Extends Model with basic query and CRUD support.

Change Event

Listen for model changes using the change event.

MyDataModel.on('changed', function(obj) {
   console.log(obj) // => the changed model
});

Return count of matched records

Create new instance of Model class, saved in database.

Check whether a model instance exists in database.

Find all instances of Model, matched by query make sure you have marked as index: true fields for filter or sort

Find object by id

Find one record, same as all, limited by 1 and return object, not collection

Find one record instance, same as all, limited by one and return object, not collection. If not found, create the record using data provided as second argument.

Get the id property name

Destroy all matching records

Destroy a record by id

Update or insert a model instance

Get the id property name of the constructor.

Determine if the data model is new.

Reload object from persistence

Save instance. When instance does not have an ID, create method instead. Triggers: validate, save, update or create.

Set the corret id property for the DataModel. If a Connector defines a setId method it will be used. Otherwise the default lookup is used. You should override this method to handle complex ids.

Update single attribute. Equivalent to updateAttributes({name: value}, cb)

Update set of attributes

Performs validation before updating

Expose models over REST.

For example:

app.use(loopback.rest());

For more information, see Exposing models over a REST API.

Return HTTP response with basic application status information: date the application was started and uptime, in JSON format. For example:

{
 "started": "2014-06-05T00:26:49.750Z",
 "uptime": 9.394
}

Check for an access token in cookies, headers, and query string parameters. This function always checks for the following:

• access_token
• X-Access-Token
• authorization

It checks for these values in cookies, headers, and query string parameters in addition to the items specified in the options parameter.

NOTE: This function only checks for signed cookies.

The following example illustrates how to check for an accessToken in a custom cookie, query string parameter and header called foo-auth.

app.use(loopback.token({
  cookies: ['foo-auth'],
  headers: ['foo-auth', 'X-Foo-Auth'],
  params: ['foo-auth', 'foo_auth']
}));

Convert any request not handled so far to a 404 error to be handled by error-handling middleware.

Token based authentication and access control.

Create a cryptographically random access token id.

Find a token for the given ServerRequest.

Validate the token.

Name of the access type - READ/WRITE/EXEC

ALARM - Generate an alarm, in a system dependent way, the access specified in the permissions component of the ACL entry. ALLOW - Explicitly grants access to the resource. AUDIT - Log, in a system dependent way, the access specified in the permissions component of the ACL entry. DENY - Explicitly denies access to the resource.

Type of the principal - Application/User/Role

Id of the principal - such as appId, userId or roleId

A Model for access control meta data.

Check if the request has the permission to access

Check if the given access token can invoke the method

Check if the given principal is allowed to access the model/property

Calculate the matching score for the given rule and request

Get matching score for the given AccessRequest.

Resource owner grants/delegates permissions to client applications

For a protected resource, does the client application have the authorization from the resource owner (user or system)?

Scope has many resource access entries

Check if the given scope is allowed to access the model/property

production or development mode. It denotes what default APNS servers to be used to send notifications

• true (production mode)
  • push: gateway.push.apple.com:2195
  • feedback: feedback.push.apple.com:2196
• false (development mode, the default)
  • push: gateway.sandbox.push.apple.com:2195
  • feedback: feedback.sandbox.push.apple.com:2196

Manage client applications and organize their users.

Authenticate the application id and key.

matched parameter is one of:

• clientKey
• javaScriptKey
• restApiKey
• windowsKey
• masterKey

Register a new application

Reset keys for a given application by the appId

Reset keys for the application instance

The Email Model.

Properties

• to - String (required)
• from - String (required)
• subject - String (required)
• text - String
• html - String

Send an email with the given options.

Example Options:

{
  from: "Fred Foo <foo@blurdybloop.com>", // sender address
  to: "bar@blurdybloop.com, baz@blurdybloop.com", // list of receivers
  subject: "Hello", // Subject line
  text: "Hello world", // plaintext body
  html: "<b>Hello world</b>" // html body
}

See https://github.com/andris9/Nodemailer for other supported options.

The Role Model

List roles for a given principal

Check if the user id is authenticated

Check if a given principal is in the role

Check if a given userId is the owner the model instance

Add custom handler for roles

The RoleMapping model extends from the built in loopback.Model type.

Get the application principal

Get the child role principal

Get the user principal

factors: [ 'AuthenticationFactor' ],

Extends from the built in loopback.Model type.

Default User ACLs.

• DENY EVERYONE *
• ALLOW EVERYONE create
• ALLOW OWNER removeById
• ALLOW EVERYONE login
• ALLOW EVERYONE logout
• ALLOW EVERYONE findById
• ALLOW OWNER updateAttributes

Confirm the user's identity.

Login a user by with the given credentials.

   User.login({username: 'foo', password: 'bar'}, function (err, token) {
     console.log(token.id);
   });

Logout a user with the given accessToken id.

   User.logout('asd0a9f8dsj9s0s3223mk', function (err) {
     console.log(err || 'Logged out');
   });

Create a short lived acess token for temporary login. Allows users to change passwords if forgotten.

Create access token for the logged in user. This method can be overridden to customize how access tokens are generated

Compare the given password with the users hashed password.

Verify a user's identity by sending them a confirmation email.

   var options = {
     type: 'email',
     to: user.email,
     template: 'verify.ejs',
     redirect: '/'
   };

   user.verify(options, next);