#
#   route.txt - Route configuration
#
#   Schema
#       route uri=URI protocol=PROTOCOL methods=METHODS handler=HANDLER redirect=STATUS@URI \
#           extensions=EXTENSIONS abilities=ABILITIES 
#
#   Abilities are a set of required abilities that the user or request must possess.
#   The abilities, extensions, methods and redirect keywords may use comma separated tokens to express a set of 
#       required options, or use "|" separated tokens for a set of alternative options. This implements AND/OR.
#   The protocol keyword may be set to http or https
#   Multiple redirect fields are permissable
#
#   Redirect over TLS
#       route uri=/ protocol=http redirect=https handler=redirect
#
#   Form based login pattern
#       route uri=/login.html
#       route uri=/action/login methods=POST handler=action redirect=200@/ redirect=401@/login.html
#       route uri=/action/logout methods=POST handler=action redirect=200@/login.html
#       route uri=/ auth=form handler=continue redirect=401@/login.html
#
route uri=/old-alias/ redirect=/alias/atest.html handler=redirect

#
#   Basic and digest authentication required for these directories.
#   Require the "manage" ability which only "joshua" has.
#
route uri=/auth/basic/admin/  auth=basic abilities=manage
route uri=/auth/digest/admin/ auth=digest abilities=manage
route uri=/auth/basic/  auth=basic abilities=view
route uri=/auth/digest/ auth=digest abilities=view

#
#   Form-based authentication for content under /auth/form
#   The login form is /auth/form/login.html. The page to display when logged-in is /auth/form/index.html
#   Everything else under /auth/form is secured and requires the "manage" ability 
#
route uri=/auth/form/login.html

route uri=/action/login methods=POST handler=action redirect=200@/auth/form/index.html redirect=401@/auth/form/login.html
route uri=/action/logout methods=GET|POST handler=action redirect=200@/auth/form/login.html
route uri=/auth/form/ auth=form handler=continue abilities=manage redirect=401@/auth/form/login.html

#
#   Support PUT and DELETE methods only for the BIT_GOAHEAD_PUT_DIR directory
#
route uri=/tmp/ methods=PUT|DELETE

#
#   Require TLS to access anything under /secure
#
route uri=/secure/ protocol=http redirect=https handler=redirect

#
#   Standard routes
#
route uri=/cgi-bin handler=cgi
route uri=/action handler=action
route uri=/ methods=OPTIONS|TRACE handler=options
route uri=/ extensions=jst,asp handler=jst

#
#   Catch-all route without authentication for all other URIs
#
route uri=/