We can create a secure server-to-server API system between two Moxie.Build servers using the Remote command easily. In order to ensure that communication between both servers is private, we will need to utilize an API Public Key
and Private Key
and hash them both in order to provide a secure connection between the two machines..
Overview:
Public Key
and Private Key
Root.Setup
table on the origin server Public Key
in the Root.ApiKey
table and the Private Key
in the Root.Setup
table on the remote serverPublic Key
Example:
On the origin server, our procedure may need to request data or perform some business logic on a remote Moxie.Build server:
Rem 'Query a remote Moxie.Build server
Rem 'Set up our Work Query to contain the PublicKey and a HashValue
Reset
[New] PublicApiKey = Setup$ "EPSO.Remote.PublicKey"
[New] PrivateApiKey = Setup$ "EPSO.Remote.PrivateKey"
[New] HashValue = Hash$ (PublicApiKey & ($Today) & PrivateApiKey)
SetNew "PublicKey", `PublicApiKey
SetNew "HashValue", `HashValue
'Any other data that you would like to send along...
EndRem
Rem 'Send this request to the remote server
Try
Remote ("//" & (DnsIp$"example-remote-mox-web-domain"
& "/TableName.RemoteProcedureName"), "Me.Output", "Me.Output"
'Success.. our work query here contains the output of the remote
Catch
'Error.. could have either been from an invalid API Key or another reason
HtmlErr "Oops! It appears that the remote server returned an error."
Exit Proc
End Try
EndRem
EndRem
On the remote server, we would validate that the provided PublicKey
exists in our Root.Setup
table and that we can generate an identical HashValue
using the Private Key
stored in our Root.Setup
table:
Rem 'Reorganize: We want to start our work with the entire Input Query
MoveQuery "Output", "Input"
NewQuery "TopQ"
TopQuery "TopQ"
[New] PublicKey | PublicKey
[New] HashToCheck | HashValue
'Get any other data that should exist
EndRem
Rem 'Validate ApiKey
[New] ApiKeyExists = Exists$ "ApiKey", PublicKey
If Not ApiKeyExists Then Error "Invalid API Key"
EndRem
Rem 'Generate authenticity hash using our copy of the Private Key
[New] PrivateKey = Setup$ "EPSO.Remote.PrivateKey" 'Unique key used for authenticity check
[New] HashValue = Hash$ (PublicKey & ($Today) & PrivateKey)
EndRem
Rem 'Ensure request was authentic
If HashToCheck <> HashValue
Error ("A remote login request with an invalid secret key (hashValue) occured.")
End If
EndRem
Rem 'Perform custom business logic...
EndRem
In this example, we show a simple example of how to use the JsonStream$ command to quickly construct JSON APIs.
Rem 'Flow Control
[Pull] Req.IsGet Req.IsPost State Action
If Req.IsGet : And Not State : Ex.Home
ElseIf Action = "ExamplePost" : AjaxReply : Ex.Post
End If
EndRem
Method Ex.Home()
HtmlButton " Get Json", "?Action=ExamplePost"
End Method
Method Ex.Post()
LoadTable "Content.Category"
KeepFields "Content.Category.", "Alias Name Enabled"
LTrimFields "Content.Category."
Rem 'Output JSON
[New] Buff
Buff | JsonStream$ "Object Array"
Html Buff
EndRem
End Method