feat: add swagger spec and support to account api

This commit is contained in:
Derrick Hammer 2024-03-06 04:58:04 -05:00
parent 6fb77d102a
commit 550398c701
Signed by: pcfreak30
GPG Key ID: C997C339BE476FF2
2 changed files with 221 additions and 2 deletions

View File

@ -3,8 +3,11 @@ package account
import ( import (
"context" "context"
"crypto/ed25519" "crypto/ed25519"
_ "embed"
"net/http" "net/http"
"git.lumeweb.com/LumeWeb/portal/api/swagger"
"git.lumeweb.com/LumeWeb/portal/api/router" "git.lumeweb.com/LumeWeb/portal/api/router"
"git.lumeweb.com/LumeWeb/portal/config" "git.lumeweb.com/LumeWeb/portal/config"
@ -20,6 +23,9 @@ import (
"go.uber.org/fx" "go.uber.org/fx"
) )
//go:embed swagger.yaml
var swagSpec []byte
var ( var (
_ registry.API = (*AccountAPI)(nil) _ registry.API = (*AccountAPI)(nil)
_ router.RoutableAPI = (*AccountAPI)(nil) _ router.RoutableAPI = (*AccountAPI)(nil)
@ -272,7 +278,7 @@ func (a AccountAPI) Routes() (*httprouter.Router, error) {
Purpose: account.JWTPurposeLogin, Purpose: account.JWTPurposeLogin,
}) })
return jape.Mux(map[string]jape.Handler{ routes := map[string]jape.Handler{
"POST /api/auth/login": middleware.ApplyMiddlewares(a.login, authMw2fa, middleware.ProxyMiddleware), "POST /api/auth/login": middleware.ApplyMiddlewares(a.login, authMw2fa, middleware.ProxyMiddleware),
"POST /api/auth/register": middleware.ApplyMiddlewares(a.register, middleware.ProxyMiddleware), "POST /api/auth/register": middleware.ApplyMiddlewares(a.register, middleware.ProxyMiddleware),
"POST /api/auth/verify-email": middleware.ApplyMiddlewares(a.verifyEmail, middleware.ProxyMiddleware), "POST /api/auth/verify-email": middleware.ApplyMiddlewares(a.verifyEmail, middleware.ProxyMiddleware),
@ -282,7 +288,14 @@ func (a AccountAPI) Routes() (*httprouter.Router, error) {
"POST /api/auth/otp/disable": middleware.ApplyMiddlewares(a.otpDisable, authMw, middleware.ProxyMiddleware), "POST /api/auth/otp/disable": middleware.ApplyMiddlewares(a.otpDisable, authMw, middleware.ProxyMiddleware),
"POST /api/auth/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, middleware.ProxyMiddleware), "POST /api/auth/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, middleware.ProxyMiddleware),
"POST /api/auth/password-reset/confirm": middleware.ApplyMiddlewares(a.passwordResetConfirm, middleware.ProxyMiddleware), "POST /api/auth/password-reset/confirm": middleware.ApplyMiddlewares(a.passwordResetConfirm, middleware.ProxyMiddleware),
}), nil }
routes, err := swagger.Swagger(swagSpec, routes)
if err != nil {
return nil, err
}
return jape.Mux(routes), nil
} }
func (a AccountAPI) Can(w http.ResponseWriter, r *http.Request) bool { func (a AccountAPI) Can(w http.ResponseWriter, r *http.Request) bool {
return false return false

206
api/account/swagger.yaml Normal file
View File

@ -0,0 +1,206 @@
openapi: 3.0.0
info:
title: Account Management API
version: "1.0"
description: API for managing user accounts, including login, registration, OTP operations, and password resets.
paths:
/api/auth/login:
post:
summary: Login to the system
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/LoginRequest'
responses:
'200':
description: Successfully logged in
headers:
Authorization:
schema:
type: string
description: Bearer token for the session
'401':
description: Unauthorized
/api/auth/register:
post:
summary: Register a new account
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/RegisterRequest'
responses:
'200':
description: Successfully registered
'400':
description: Bad Request
/api/auth/verify-email:
post:
summary: Verify email address
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/VerifyEmailRequest'
responses:
'200':
description: Email verified successfully
/api/auth/otp/generate:
get:
summary: Generate OTP for two-factor authentication
responses:
'200':
description: OTP generated successfully
content:
application/json:
schema:
$ref: '#/components/schemas/OTPGenerateResponse'
/api/auth/otp/verify:
post:
summary: Verify OTP for enabling two-factor authentication
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/OTPVerifyRequest'
responses:
'200':
description: OTP verified successfully
/api/auth/otp/validate:
post:
summary: Validate OTP for two-factor authentication login
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/OTPValidateRequest'
responses:
'200':
description: OTP validated successfully
/api/auth/otp/disable:
post:
summary: Disable OTP for two-factor authentication
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/OTPDisableRequest'
responses:
'200':
description: OTP disabled successfully
/api/auth/password-reset/request:
post:
summary: Request a password reset
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordResetRequest'
responses:
'200':
description: Password reset requested successfully
/api/auth/password-reset/confirm:
post:
summary: Confirm a password reset
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/PasswordResetVerifyRequest'
responses:
'200':
description: Password reset successfully
components:
schemas:
LoginRequest:
type: object
required:
- email
- password
properties:
email:
type: string
password:
type: string
RegisterRequest:
type: object
required:
- firstName
- lastName
- email
- password
properties:
firstName:
type: string
lastName:
type: string
email:
type: string
password:
type: string
VerifyEmailRequest:
type: object
required:
- email
- token
properties:
email:
type: string
token:
type: string
OTPGenerateResponse:
type: object
properties:
OTP:
type: string
OTPVerifyRequest:
type: object
required:
- OTP
properties:
OTP:
type: string
OTPValidateRequest:
type: object
required:
- OTP
properties:
OTP:
type: string
OTPDisableRequest:
type: object
required:
- password
properties:
password:
type: string
PasswordResetRequest:
type: object
required:
- email
properties:
email:
type: string
PasswordResetVerifyRequest:
type: object
required:
- email
- token
- password
properties:
email:
type: string
token:
type: string
password:
type: string