diff --git a/api/account/account.go b/api/account/account.go
index b8f74ec..8f2b7b5 100644
--- a/api/account/account.go
+++ b/api/account/account.go
@@ -3,8 +3,11 @@ package account
 import (
 "context"
 "crypto/ed25519"
+ _ "embed"
 "net/http"
+ "git.lumeweb.com/LumeWeb/portal/api/swagger"
+
 "git.lumeweb.com/LumeWeb/portal/api/router"
 "git.lumeweb.com/LumeWeb/portal/config"
@@ -20,6 +23,9 @@ import (
 "go.uber.org/fx"
 )
+//go:embed swagger.yaml
+var swagSpec []byte
+
 var (
 _ registry.API = (*AccountAPI)(nil)
 _ router.RoutableAPI = (*AccountAPI)(nil)
@@ -272,7 +278,7 @@ func (a AccountAPI) Routes() (*httprouter.Router, error) {
 Purpose: account.JWTPurposeLogin,
 })
- return jape.Mux(map[string]jape.Handler{
+ routes := map[string]jape.Handler{
 "POST /api/auth/login": middleware.ApplyMiddlewares(a.login, authMw2fa, middleware.ProxyMiddleware),
 "POST /api/auth/register": middleware.ApplyMiddlewares(a.register, middleware.ProxyMiddleware),
 "POST /api/auth/verify-email": middleware.ApplyMiddlewares(a.verifyEmail, middleware.ProxyMiddleware),
@@ -282,7 +288,14 @@ func (a AccountAPI) Routes() (*httprouter.Router, error) {
 "POST /api/auth/otp/disable": middleware.ApplyMiddlewares(a.otpDisable, authMw, middleware.ProxyMiddleware),
 "POST /api/auth/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, middleware.ProxyMiddleware),
 "POST /api/auth/password-reset/confirm": middleware.ApplyMiddlewares(a.passwordResetConfirm, middleware.ProxyMiddleware),
- }), nil
+ }
+
+ routes, err := swagger.Swagger(swagSpec, routes)
+ if err != nil {
+ return nil, err
+ }
+
+ return jape.Mux(routes), nil
 }
 func (a AccountAPI) Can(w http.ResponseWriter, r *http.Request) bool {
 return false
diff --git a/api/account/swagger.yaml b/api/account/swagger.yaml
new file mode 100644
index 0000000..a36e491
--- /dev/null
+++ b/api/account/swagger.yaml
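Review bot: In the final account.go hunk (the tail of `Routes()`), the handlers that `swagger.Swagger(swagSpec, routes)` adds land in the same map as the auth endpoints and go straight into `jape.Mux`, and nothing at this call site shows which paths they occupy or whether they pass through `middleware.ApplyMiddlewares` the way every visible entry does. `swagger.Swagger` is defined outside this diff, so this may already be handled there; if the spec routes are meant to be reachable without a token, record that next to the call, e.g. `// swagger.Swagger adds the spec routes; they are intentionally served without authMw.`. Because the helper takes and returns the whole route map, it is also worth confirming that it rejects a path that collides with an existing key rather than replacing an auth handler. `Routes()` starts above this hunk, so the earlier middleware setup is not visible here.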
@@ -0,0 +1,206 @@
+openapi: 3.0.0
+info:
+ title: Account Management API
+ version: "1.0"
+ description: API for managing user accounts, including login, registration, OTP operations, and password resets.
+paths:
+ /api/auth/login:
+ post:
+ summary: Login to the system
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LoginRequest'
+ responses:
+ '200':
+ description: Successfully logged in
+ headers:
+ Authorization:
+ schema:
+ type: string
+ description: Bearer token for the session
+ '401':
+ description: Unauthorized
+ /api/auth/register:
+ post:
+ summary: Register a new account
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/RegisterRequest'
+ responses:
+ '200':
+ description: Successfully registered
+ '400':
+ description: Bad Request
+ /api/auth/verify-email:
+ post:
+ summary: Verify email address
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/VerifyEmailRequest'
+ responses:
+ '200':
+ description: Email verified successfully
+ /api/auth/otp/generate:
+ get:
+ summary: Generate OTP for two-factor authentication
+ responses:
+ '200':
+ description: OTP generated successfully
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OTPGenerateResponse'
+ /api/auth/otp/verify:
+ post:
+ summary: Verify OTP for enabling two-factor authentication
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OTPVerifyRequest'
+ responses:
+ '200':
+ description: OTP verified successfully
+ /api/auth/otp/validate:
+ post:
+ summary: Validate OTP for two-factor authentication login
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OTPValidateRequest'
+ responses:
+ '200':
+ description: OTP validated successfully
+ /api/auth/otp/disable:
+ post:
+ summary: Disable OTP for two-factor authentication
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OTPDisableRequest'
+ responses:
+ '200':
+ description: OTP disabled successfully
+ /api/auth/password-reset/request:
+ post:
+ summary: Request a password reset
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordResetRequest'
+ responses:
+ '200':
+ description: Password reset requested successfully
+ /api/auth/password-reset/confirm:
+ post:
+ summary: Confirm a password reset
+ requestBody:
+ required: true
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordResetVerifyRequest'
+ responses:
+ '200':
+ description: Password reset successfully
+
+components:
+ schemas:
+ LoginRequest:
+ type: object
+ required:
+ - email
+ - password
+ properties:
+ email:
+ type: string
+ password:
+ type: string
+ RegisterRequest:
+ type: object
+ required:
+ - firstName
+ - lastName
+ - email
+ - password
+ properties:
+ firstName:
+ type: string
+ lastName:
+ type: string
+ email:
+ type: string
+ password:
+ type: string
+ VerifyEmailRequest:
+ type: object
+ required:
+ - email
+ - token
+ properties:
+ email:
+ type: string
+ token:
+ type: string
+ OTPGenerateResponse:
+ type: object
+ properties:
+ OTP:
+ type: string
+ OTPVerifyRequest:
+ type: object
+ required:
+ - OTP
+ properties:
+ OTP:
+ type: string
+ OTPValidateRequest:
+ type: object
+ required:
+ - OTP
+ properties:
+ OTP:
+ type: string
+ OTPDisableRequest:
+ type: object
+ required:
+ - password
+ properties:
+ password:
+ type: string
+ PasswordResetRequest:
+ type: object
+ required:
+ - email
+ properties:
+ email:
+ type: string
+ PasswordResetVerifyRequest:
+ type: object
+ required:
+ - email
+ - token
+ - password
+ properties:
+ email:
+ type: string
+ token:
+ type: string
+ password:
+ type: string
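Review bot: The new spec declares no `securitySchemes` and no `security` requirement on any operation, although account.go in this same commit wraps `POST /api/auth/otp/disable` in `authMw` and the login response here documents a bearer token in the `Authorization` header. A client or gateway generated from this document would treat the OTP endpoints as anonymous and would not learn that they can answer 401. I would declare a bearer scheme under `components` and reference it from each operation the router protects; only `/api/auth/otp/disable` is confirmed by the visible route table, the other OTP routes fall between the account.go hunks and should be checked against it. Marking the `password` properties with `format: password` would also let documentation tooling mask them.

```yaml
# … unchanged: openapi, info, earlier paths …
  /api/auth/otp/disable:
    post:
      security:
        - bearerAuth: []
      # … unchanged: summary, requestBody, '200' response …
        '401':
          description: Unauthorized
# … unchanged: remaining paths …
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
  # … unchanged: schemas …
```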