From b94a6a652e150d18cb3501f30e0ced0683ae9f77 Mon Sep 17 00:00:00 2001 From: Zoe Roux Date: Sun, 23 Mar 2025 13:45:44 +0100 Subject: [PATCH] Push generated files in auth to make tools happy --- auth/.gitignore | 4 - auth/Dockerfile.dev | 6 - auth/dbc/config.sql.go | 73 +++++ auth/dbc/db.go | 32 ++ auth/dbc/models.go | 49 +++ auth/dbc/sessions.sql.go | 161 ++++++++++ auth/dbc/users.sql.go | 296 ++++++++++++++++++ auth/docs/docs.go | 650 +++++++++++++++++++++++++++++++++++++++ auth/docs/swagger.json | 626 +++++++++++++++++++++++++++++++++++++ auth/docs/swagger.yaml | 426 +++++++++++++++++++++++++ 10 files changed, 2313 insertions(+), 10 deletions(-) delete mode 100644 auth/.gitignore create mode 100644 auth/dbc/config.sql.go create mode 100644 auth/dbc/db.go create mode 100644 auth/dbc/models.go create mode 100644 auth/dbc/sessions.sql.go create mode 100644 auth/dbc/users.sql.go create mode 100644 auth/docs/docs.go create mode 100644 auth/docs/swagger.json create mode 100644 auth/docs/swagger.yaml diff --git a/auth/.gitignore b/auth/.gitignore deleted file mode 100644 index cb4266fd..00000000 --- a/auth/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -# generated via sqlc -dbc/ -# genereated via swag -docs/ diff --git a/auth/Dockerfile.dev b/auth/Dockerfile.dev index 5a7646f0..9519eac5 100644 --- a/auth/Dockerfile.dev +++ b/auth/Dockerfile.dev @@ -2,15 +2,9 @@ FROM golang:1.24 AS build WORKDIR /app RUN go install github.com/bokwoon95/wgo@latest -RUN go install github.com/sqlc-dev/sqlc/cmd/sqlc@latest -RUN go install github.com/swaggo/swag/cmd/swag@latest COPY go.mod go.sum ./ RUN go mod download -# COPY sqlc.yaml ./ -# COPY sql/ ./ -# RUN sqlc generate - EXPOSE 4568 CMD ["wgo", "run", "-race", "."] diff --git a/auth/dbc/config.sql.go b/auth/dbc/config.sql.go new file mode 100644 index 00000000..5ec22ed9 --- /dev/null +++ b/auth/dbc/config.sql.go @@ -0,0 +1,73 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.28.0 +// source: config.sql + +package dbc + +import ( + "context" +) + +const deleteConfig = `-- name: DeleteConfig :one +delete from config +where key = $1 +returning + key, value +` + +func (q *Queries) DeleteConfig(ctx context.Context, key string) (Config, error) { + row := q.db.QueryRow(ctx, deleteConfig, key) + var i Config + err := row.Scan(&i.Key, &i.Value) + return i, err +} + +const loadConfig = `-- name: LoadConfig :many +select + key, value +from + config +` + +func (q *Queries) LoadConfig(ctx context.Context) ([]Config, error) { + rows, err := q.db.Query(ctx, loadConfig) + if err != nil { + return nil, err + } + defer rows.Close() + var items []Config + for rows.Next() { + var i Config + if err := rows.Scan(&i.Key, &i.Value); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const saveConfig = `-- name: SaveConfig :one +insert into config(key, value) + values ($1, $2) +on conflict (key) + do update set + value = excluded.value + returning + key, value +` + +type SaveConfigParams struct { + Key string `json:"key"` + Value string `json:"value"` +} + +func (q *Queries) SaveConfig(ctx context.Context, arg SaveConfigParams) (Config, error) { + row := q.db.QueryRow(ctx, saveConfig, arg.Key, arg.Value) + var i Config + err := row.Scan(&i.Key, &i.Value) + return i, err +} diff --git a/auth/dbc/db.go b/auth/dbc/db.go new file mode 100644 index 00000000..babe8e31 --- /dev/null +++ b/auth/dbc/db.go @@ -0,0 +1,32 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.28.0 + +package dbc + +import ( + "context" + + "github.com/jackc/pgx/v5" + "github.com/jackc/pgx/v5/pgconn" +) + +type DBTX interface { + Exec(context.Context, string, ...interface{}) (pgconn.CommandTag, error) + Query(context.Context, string, ...interface{}) (pgx.Rows, error) + QueryRow(context.Context, string, ...interface{}) pgx.Row +} + +func New(db DBTX) *Queries { + return &Queries{db: db} +} + +type Queries struct { + db DBTX +} + +func (q *Queries) WithTx(tx pgx.Tx) *Queries { + return &Queries{ + db: tx, + } +} diff --git a/auth/dbc/models.go b/auth/dbc/models.go new file mode 100644 index 00000000..122487ae --- /dev/null +++ b/auth/dbc/models.go @@ -0,0 +1,49 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.28.0 + +package dbc + +import ( + "time" + + jwt "github.com/golang-jwt/jwt/v5" + "github.com/google/uuid" +) + +type Config struct { + Key string `json:"key"` + Value string `json:"value"` +} + +type OidcHandle struct { + UserPk int32 `json:"userPk"` + Provider string `json:"provider"` + Id string `json:"id"` + Username string `json:"username"` + ProfileUrl *string `json:"profileUrl"` + AccessToken *string `json:"accessToken"` + RefreshToken *string `json:"refreshToken"` + ExpireAt *time.Time `json:"expireAt"` +} + +type Session struct { + Pk int32 `json:"pk"` + Id uuid.UUID `json:"id"` + Token string `json:"token"` + UserPk int32 `json:"userPk"` + CreatedDate time.Time `json:"createdDate"` + LastUsed time.Time `json:"lastUsed"` + Device *string `json:"device"` +} + +type User struct { + Pk int32 `json:"pk"` + Id uuid.UUID `json:"id"` + Username string `json:"username"` + Email string `json:"email"` + Password *string `json:"password"` + Claims jwt.MapClaims `json:"claims"` + CreatedDate time.Time `json:"createdDate"` + LastSeen time.Time `json:"lastSeen"` +} diff --git a/auth/dbc/sessions.sql.go b/auth/dbc/sessions.sql.go new file mode 100644 index 00000000..02509fd9 --- /dev/null +++ b/auth/dbc/sessions.sql.go @@ -0,0 +1,161 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.28.0 +// source: sessions.sql + +package dbc + +import ( + "context" + "time" + + "github.com/google/uuid" +) + +const createSession = `-- name: CreateSession :one +insert into sessions(token, user_pk, device) + values ($1, $2, $3) +returning + pk, id, token, user_pk, created_date, last_used, device +` + +type CreateSessionParams struct { + Token string `json:"token"` + UserPk int32 `json:"userPk"` + Device *string `json:"device"` +} + +func (q *Queries) CreateSession(ctx context.Context, arg CreateSessionParams) (Session, error) { + row := q.db.QueryRow(ctx, createSession, arg.Token, arg.UserPk, arg.Device) + var i Session + err := row.Scan( + &i.Pk, + &i.Id, + &i.Token, + &i.UserPk, + &i.CreatedDate, + &i.LastUsed, + &i.Device, + ) + return i, err +} + +const deleteSession = `-- name: DeleteSession :one +delete from sessions as s using users as u +where s.user_pk = u.pk + and s.id = $1 + and u.id = $2 +returning + s.pk, s.id, s.token, s.user_pk, s.created_date, s.last_used, s.device +` + +type DeleteSessionParams struct { + Id uuid.UUID `json:"id"` + UserId uuid.UUID `json:"userId"` +} + +func (q *Queries) DeleteSession(ctx context.Context, arg DeleteSessionParams) (Session, error) { + row := q.db.QueryRow(ctx, deleteSession, arg.Id, arg.UserId) + var i Session + err := row.Scan( + &i.Pk, + &i.Id, + &i.Token, + &i.UserPk, + &i.CreatedDate, + &i.LastUsed, + &i.Device, + ) + return i, err +} + +const getUserFromToken = `-- name: GetUserFromToken :one +select + s.id, + s.last_used, + u.pk, u.id, u.username, u.email, u.password, u.claims, u.created_date, u.last_seen +from + users as u + inner join sessions as s on u.pk = s.user_pk +where + s.token = $1 +limit 1 +` + +type GetUserFromTokenRow struct { + Id uuid.UUID `json:"id"` + LastUsed time.Time `json:"lastUsed"` + User User `json:"user"` +} + +func (q *Queries) GetUserFromToken(ctx context.Context, token string) (GetUserFromTokenRow, error) { + row := q.db.QueryRow(ctx, getUserFromToken, token) + var i GetUserFromTokenRow + err := row.Scan( + &i.Id, + &i.LastUsed, + &i.User.Pk, + &i.User.Id, + &i.User.Username, + &i.User.Email, + &i.User.Password, + &i.User.Claims, + &i.User.CreatedDate, + &i.User.LastSeen, + ) + return i, err +} + +const getUserSessions = `-- name: GetUserSessions :many +select + s.pk, s.id, s.token, s.user_pk, s.created_date, s.last_used, s.device +from + sessions as s + inner join users as u on u.pk = s.user_pk +where + u.pk = $1 +order by + last_used +` + +func (q *Queries) GetUserSessions(ctx context.Context, pk int32) ([]Session, error) { + rows, err := q.db.Query(ctx, getUserSessions, pk) + if err != nil { + return nil, err + } + defer rows.Close() + var items []Session + for rows.Next() { + var i Session + if err := rows.Scan( + &i.Pk, + &i.Id, + &i.Token, + &i.UserPk, + &i.CreatedDate, + &i.LastUsed, + &i.Device, + ); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const touchSession = `-- name: TouchSession :exec +update + sessions +set + last_used = now()::timestamptz +where + id = $1 +` + +func (q *Queries) TouchSession(ctx context.Context, id uuid.UUID) error { + _, err := q.db.Exec(ctx, touchSession, id) + return err +} diff --git a/auth/dbc/users.sql.go b/auth/dbc/users.sql.go new file mode 100644 index 00000000..88360e27 --- /dev/null +++ b/auth/dbc/users.sql.go @@ -0,0 +1,296 @@ +// Code generated by sqlc. DO NOT EDIT. +// versions: +// sqlc v1.28.0 +// source: users.sql + +package dbc + +import ( + "context" + + jwt "github.com/golang-jwt/jwt/v5" + "github.com/google/uuid" +) + +const createUser = `-- name: CreateUser :one +insert into users(username, email, password, claims) + values ($1, $2, $3, $4) +returning + pk, id, username, email, password, claims, created_date, last_seen +` + +type CreateUserParams struct { + Username string `json:"username"` + Email string `json:"email"` + Password *string `json:"password"` + Claims jwt.MapClaims `json:"claims"` +} + +func (q *Queries) CreateUser(ctx context.Context, arg CreateUserParams) (User, error) { + row := q.db.QueryRow(ctx, createUser, + arg.Username, + arg.Email, + arg.Password, + arg.Claims, + ) + var i User + err := row.Scan( + &i.Pk, + &i.Id, + &i.Username, + &i.Email, + &i.Password, + &i.Claims, + &i.CreatedDate, + &i.LastSeen, + ) + return i, err +} + +const deleteUser = `-- name: DeleteUser :one +delete from users +where id = $1 +returning + pk, id, username, email, password, claims, created_date, last_seen +` + +func (q *Queries) DeleteUser(ctx context.Context, id uuid.UUID) (User, error) { + row := q.db.QueryRow(ctx, deleteUser, id) + var i User + err := row.Scan( + &i.Pk, + &i.Id, + &i.Username, + &i.Email, + &i.Password, + &i.Claims, + &i.CreatedDate, + &i.LastSeen, + ) + return i, err +} + +const getAllUsers = `-- name: GetAllUsers :many +select + pk, id, username, email, password, claims, created_date, last_seen +from + users +order by + id +limit $1 +` + +func (q *Queries) GetAllUsers(ctx context.Context, limit int32) ([]User, error) { + rows, err := q.db.Query(ctx, getAllUsers, limit) + if err != nil { + return nil, err + } + defer rows.Close() + var items []User + for rows.Next() { + var i User + if err := rows.Scan( + &i.Pk, + &i.Id, + &i.Username, + &i.Email, + &i.Password, + &i.Claims, + &i.CreatedDate, + &i.LastSeen, + ); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const getAllUsersAfter = `-- name: GetAllUsersAfter :many +select + pk, id, username, email, password, claims, created_date, last_seen +from + users +where + id >= $2 +order by + id +limit $1 +` + +type GetAllUsersAfterParams struct { + Limit int32 `json:"limit"` + AfterId uuid.UUID `json:"afterId"` +} + +func (q *Queries) GetAllUsersAfter(ctx context.Context, arg GetAllUsersAfterParams) ([]User, error) { + rows, err := q.db.Query(ctx, getAllUsersAfter, arg.Limit, arg.AfterId) + if err != nil { + return nil, err + } + defer rows.Close() + var items []User + for rows.Next() { + var i User + if err := rows.Scan( + &i.Pk, + &i.Id, + &i.Username, + &i.Email, + &i.Password, + &i.Claims, + &i.CreatedDate, + &i.LastSeen, + ); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const getUser = `-- name: GetUser :many +select + u.pk, u.id, u.username, u.email, u.password, u.claims, u.created_date, u.last_seen, + h.provider, + h.id, + h.username, + h.profile_url +from + users as u + left join oidc_handle as h on u.pk = h.user_pk +where + u.id = $1 +` + +type GetUserRow struct { + User User `json:"user"` + Provider *string `json:"provider"` + Id *string `json:"id"` + Username *string `json:"username"` + ProfileUrl *string `json:"profileUrl"` +} + +func (q *Queries) GetUser(ctx context.Context, id uuid.UUID) ([]GetUserRow, error) { + rows, err := q.db.Query(ctx, getUser, id) + if err != nil { + return nil, err + } + defer rows.Close() + var items []GetUserRow + for rows.Next() { + var i GetUserRow + if err := rows.Scan( + &i.User.Pk, + &i.User.Id, + &i.User.Username, + &i.User.Email, + &i.User.Password, + &i.User.Claims, + &i.User.CreatedDate, + &i.User.LastSeen, + &i.Provider, + &i.Id, + &i.Username, + &i.ProfileUrl, + ); err != nil { + return nil, err + } + items = append(items, i) + } + if err := rows.Err(); err != nil { + return nil, err + } + return items, nil +} + +const getUserByLogin = `-- name: GetUserByLogin :one +select + pk, id, username, email, password, claims, created_date, last_seen +from + users +where + email = $1 + or username = $1 +limit 1 +` + +func (q *Queries) GetUserByLogin(ctx context.Context, login string) (User, error) { + row := q.db.QueryRow(ctx, getUserByLogin, login) + var i User + err := row.Scan( + &i.Pk, + &i.Id, + &i.Username, + &i.Email, + &i.Password, + &i.Claims, + &i.CreatedDate, + &i.LastSeen, + ) + return i, err +} + +const touchUser = `-- name: TouchUser :exec +update + users +set + last_used = now()::timestamptz +where + id = $1 +` + +func (q *Queries) TouchUser(ctx context.Context, id uuid.UUID) error { + _, err := q.db.Exec(ctx, touchUser, id) + return err +} + +const updateUser = `-- name: UpdateUser :one +update + users +set + username = $2, + email = $3, + password = $4, + claims = $5 +where + id = $1 +returning + pk, id, username, email, password, claims, created_date, last_seen +` + +type UpdateUserParams struct { + Id uuid.UUID `json:"id"` + Username string `json:"username"` + Email string `json:"email"` + Password *string `json:"password"` + Claims jwt.MapClaims `json:"claims"` +} + +func (q *Queries) UpdateUser(ctx context.Context, arg UpdateUserParams) (User, error) { + row := q.db.QueryRow(ctx, updateUser, + arg.Id, + arg.Username, + arg.Email, + arg.Password, + arg.Claims, + ) + var i User + err := row.Scan( + &i.Pk, + &i.Id, + &i.Username, + &i.Email, + &i.Password, + &i.Claims, + &i.CreatedDate, + &i.LastSeen, + ) + return i, err +} diff --git a/auth/docs/docs.go b/auth/docs/docs.go new file mode 100644 index 00000000..e3e40a2e --- /dev/null +++ b/auth/docs/docs.go @@ -0,0 +1,650 @@ +// Package docs Code generated by swaggo/swag. DO NOT EDIT +package docs + +import "github.com/swaggo/swag" + +const docTemplate = `{ + "schemes": {{ marshal .Schemes }}, + "swagger": "2.0", + "info": { + "description": "{{escape .Description}}", + "title": "{{.Title}}", + "contact": { + "name": "Repository", + "url": "https://github.com/zoriya/kyoo" + }, + "license": { + "name": "GPL-3.0", + "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" + }, + "version": "{{.Version}}" + }, + "host": "{{.Host}}", + "basePath": "{{.BasePath}}", + "paths": { + "/info": { + "get": { + "description": "Get info like the public key used to sign the jwts.", + "produces": [ + "application/json" + ], + "tags": [ + "jwt" + ], + "summary": "Info", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.Info" + } + } + } + } + }, + "/jwt": { + "get": { + "security": [ + { + "Token": [] + } + ], + "description": "Convert a session token to a short lived JWT.", + "produces": [ + "application/json" + ], + "tags": [ + "jwt" + ], + "summary": "Get JWT", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.Jwt" + } + }, + "401": { + "description": "Missing session token", + "schema": {} + }, + "403": { + "description": "Invalid session token (or expired)", + "schema": {} + } + } + } + }, + "/sessions": { + "post": { + "description": "Login to your account and open a session", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "sessions" + ], + "summary": "Login", + "parameters": [ + { + "type": "string", + "description": "The device the created session will be used on", + "name": "device", + "in": "query" + }, + { + "description": "Account informations", + "name": "login", + "in": "body", + "schema": { + "$ref": "#/definitions/main.LoginDto" + } + } + ], + "responses": { + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/dbc.Session" + } + }, + "400": { + "description": "Invalid login body", + "schema": {} + }, + "403": { + "description": "Invalid password", + "schema": {} + }, + "404": { + "description": "Account does not exists", + "schema": {} + }, + "422": { + "description": "User does not have a password (registered via oidc, please login via oidc)", + "schema": {} + } + } + } + }, + "/sessions/current": { + "delete": { + "security": [ + { + "Jwt": [] + } + ], + "description": "Delete a session and logout", + "produces": [ + "application/json" + ], + "tags": [ + "sessions" + ], + "summary": "Logout", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.Session" + } + }, + "400": { + "description": "Invalid session id", + "schema": {} + }, + "401": { + "description": "Missing jwt token", + "schema": {} + }, + "403": { + "description": "Invalid jwt token (or expired)", + "schema": {} + }, + "404": { + "description": "Session not found with specified id (if not using the /current route)", + "schema": {} + } + } + } + }, + "/sessions/{id}": { + "delete": { + "security": [ + { + "Jwt": [] + } + ], + "description": "Delete a session and logout", + "produces": [ + "application/json" + ], + "tags": [ + "sessions" + ], + "summary": "Logout", + "parameters": [ + { + "type": "string", + "format": "uuid", + "description": "The id of the session to delete", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.Session" + } + }, + "400": { + "description": "Invalid session id", + "schema": {} + }, + "401": { + "description": "Missing jwt token", + "schema": {} + }, + "403": { + "description": "Invalid jwt token (or expired)", + "schema": {} + }, + "404": { + "description": "Session not found with specified id (if not using the /current route)", + "schema": {} + } + } + } + }, + "/users": { + "get": { + "security": [ + { + "Jwt": [ + "users.read" + ] + } + ], + "description": "List all users existing in this instance.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "List all users", + "parameters": [ + { + "type": "string", + "format": "uuid", + "description": "used for pagination.", + "name": "afterId", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + }, + "400": { + "description": "Invalid after id", + "schema": {} + } + } + }, + "post": { + "description": "Register as a new user and open a session for it", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Register", + "parameters": [ + { + "type": "string", + "description": "The device the created session will be used on", + "name": "device", + "in": "query" + }, + { + "description": "Registration informations", + "name": "user", + "in": "body", + "schema": { + "$ref": "#/definitions/main.RegisterDto" + } + } + ], + "responses": { + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/dbc.Session" + } + }, + "400": { + "description": "Invalid register body", + "schema": {} + }, + "409": { + "description": "Duplicated email or username", + "schema": {} + } + } + } + }, + "/users/me": { + "get": { + "security": [ + { + "Jwt": [] + } + ], + "description": "Get informations about the currently connected user", + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Get me", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + }, + "401": { + "description": "Missing jwt token", + "schema": {} + }, + "403": { + "description": "Invalid jwt token (or expired)", + "schema": {} + } + } + }, + "delete": { + "security": [ + { + "Jwt": [] + } + ], + "description": "Delete your account and all your sessions", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Delete self", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + } + } + } + }, + "/users/{id}": { + "get": { + "security": [ + { + "Jwt": [ + "users.read" + ] + } + ], + "description": "Get informations about a user from it's id", + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Get user", + "parameters": [ + { + "type": "string", + "format": "uuid", + "description": "The id of the user", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + }, + "404": { + "description": "No user with the given id found", + "schema": {} + } + } + }, + "delete": { + "security": [ + { + "Jwt": [ + "users.delete" + ] + } + ], + "description": "Delete an account and all it's sessions.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Delete user", + "parameters": [ + { + "type": "string", + "format": "uuid", + "description": "User id of the user to delete", + "name": "id", + "in": "path" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + }, + "404": { + "description": "Invalid user id", + "schema": {} + } + } + } + } + }, + "definitions": { + "dbc.Session": { + "type": "object", + "properties": { + "createdDate": { + "type": "string" + }, + "device": { + "type": "string" + }, + "id": { + "type": "string" + }, + "lastUsed": { + "type": "string" + }, + "pk": { + "type": "integer" + }, + "token": { + "type": "string" + }, + "userPk": { + "type": "integer" + } + } + }, + "main.Info": { + "type": "object", + "properties": { + "publicKey": { + "description": "The public key used to sign jwt tokens. It can be used by your services to check if the jwt is valid.", + "type": "string" + } + } + }, + "main.Jwt": { + "type": "object", + "properties": { + "token": { + "description": "The jwt token you can use for all authorized call to either keibi or other services.", + "type": "string" + } + } + }, + "main.LoginDto": { + "type": "object", + "required": [ + "login", + "password" + ], + "properties": { + "login": { + "description": "Either the email or the username.", + "type": "string" + }, + "password": { + "description": "Password of the account.", + "type": "string" + } + } + }, + "main.OidcHandle": { + "type": "object", + "properties": { + "id": { + "description": "Id of this oidc handle.", + "type": "string" + }, + "profileUrl": { + "description": "Link to the profile of the user on the external service. Null if unknown or irrelevant.", + "type": "string", + "format": "url" + }, + "username": { + "description": "Username of the user on the external service.", + "type": "string" + } + } + }, + "main.RegisterDto": { + "type": "object", + "required": [ + "email", + "password", + "username" + ], + "properties": { + "email": { + "description": "Valid email that could be used for forgotten password requests. Can be used for login.", + "type": "string", + "format": "email" + }, + "password": { + "description": "Password to use.", + "type": "string" + }, + "username": { + "description": "Username of the new account, can't contain @ signs. Can be used for login.", + "type": "string" + } + } + }, + "main.Session": { + "type": "object", + "properties": { + "createdDate": { + "description": "When was the session first opened", + "type": "string" + }, + "device": { + "description": "Device that created the session.", + "type": "string" + }, + "id": { + "description": "Unique id of this session. Can be used for calls to DELETE", + "type": "string" + }, + "lastUsed": { + "description": "Last date this session was used to access a service.", + "type": "string" + } + } + }, + "main.User": { + "type": "object", + "properties": { + "claims": { + "description": "List of custom claims JWT created via get /jwt will have", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "createdDate": { + "description": "When was this account created?", + "type": "string" + }, + "email": { + "description": "Email of the user. Can be used as a login.", + "type": "string", + "format": "email" + }, + "id": { + "description": "Id of the user.", + "type": "string" + }, + "lastSeen": { + "description": "When was the last time this account made any authorized request?", + "type": "string" + }, + "oidc": { + "description": "List of other login method available for this user. Access tokens wont be returned here.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/main.OidcHandle" + } + }, + "username": { + "description": "Username of the user. Can be used as a login.", + "type": "string" + } + } + } + }, + "securityDefinitions": { + "Jwt": { + "type": "apiKey", + "name": "Authorization", + "in": "header" + }, + "Token": { + "type": "apiKey", + "name": "Authorization", + "in": "header" + } + } +}` + +// SwaggerInfo holds exported Swagger Info so clients can modify it +var SwaggerInfo = &swag.Spec{ + Version: "1.0", + Host: "kyoo.zoriya.dev", + BasePath: "/auth", + Schemes: []string{}, + Title: "Keibi - Kyoo's auth", + Description: "Auth system made for kyoo.", + InfoInstanceName: "swagger", + SwaggerTemplate: docTemplate, + LeftDelim: "{{", + RightDelim: "}}", +} + +func init() { + swag.Register(SwaggerInfo.InstanceName(), SwaggerInfo) +} diff --git a/auth/docs/swagger.json b/auth/docs/swagger.json new file mode 100644 index 00000000..a41e8589 --- /dev/null +++ b/auth/docs/swagger.json @@ -0,0 +1,626 @@ +{ + "swagger": "2.0", + "info": { + "description": "Auth system made for kyoo.", + "title": "Keibi - Kyoo's auth", + "contact": { + "name": "Repository", + "url": "https://github.com/zoriya/kyoo" + }, + "license": { + "name": "GPL-3.0", + "url": "https://www.gnu.org/licenses/gpl-3.0.en.html" + }, + "version": "1.0" + }, + "host": "kyoo.zoriya.dev", + "basePath": "/auth", + "paths": { + "/info": { + "get": { + "description": "Get info like the public key used to sign the jwts.", + "produces": [ + "application/json" + ], + "tags": [ + "jwt" + ], + "summary": "Info", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.Info" + } + } + } + } + }, + "/jwt": { + "get": { + "security": [ + { + "Token": [] + } + ], + "description": "Convert a session token to a short lived JWT.", + "produces": [ + "application/json" + ], + "tags": [ + "jwt" + ], + "summary": "Get JWT", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.Jwt" + } + }, + "401": { + "description": "Missing session token", + "schema": {} + }, + "403": { + "description": "Invalid session token (or expired)", + "schema": {} + } + } + } + }, + "/sessions": { + "post": { + "description": "Login to your account and open a session", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "sessions" + ], + "summary": "Login", + "parameters": [ + { + "type": "string", + "description": "The device the created session will be used on", + "name": "device", + "in": "query" + }, + { + "description": "Account informations", + "name": "login", + "in": "body", + "schema": { + "$ref": "#/definitions/main.LoginDto" + } + } + ], + "responses": { + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/dbc.Session" + } + }, + "400": { + "description": "Invalid login body", + "schema": {} + }, + "403": { + "description": "Invalid password", + "schema": {} + }, + "404": { + "description": "Account does not exists", + "schema": {} + }, + "422": { + "description": "User does not have a password (registered via oidc, please login via oidc)", + "schema": {} + } + } + } + }, + "/sessions/current": { + "delete": { + "security": [ + { + "Jwt": [] + } + ], + "description": "Delete a session and logout", + "produces": [ + "application/json" + ], + "tags": [ + "sessions" + ], + "summary": "Logout", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.Session" + } + }, + "400": { + "description": "Invalid session id", + "schema": {} + }, + "401": { + "description": "Missing jwt token", + "schema": {} + }, + "403": { + "description": "Invalid jwt token (or expired)", + "schema": {} + }, + "404": { + "description": "Session not found with specified id (if not using the /current route)", + "schema": {} + } + } + } + }, + "/sessions/{id}": { + "delete": { + "security": [ + { + "Jwt": [] + } + ], + "description": "Delete a session and logout", + "produces": [ + "application/json" + ], + "tags": [ + "sessions" + ], + "summary": "Logout", + "parameters": [ + { + "type": "string", + "format": "uuid", + "description": "The id of the session to delete", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.Session" + } + }, + "400": { + "description": "Invalid session id", + "schema": {} + }, + "401": { + "description": "Missing jwt token", + "schema": {} + }, + "403": { + "description": "Invalid jwt token (or expired)", + "schema": {} + }, + "404": { + "description": "Session not found with specified id (if not using the /current route)", + "schema": {} + } + } + } + }, + "/users": { + "get": { + "security": [ + { + "Jwt": [ + "users.read" + ] + } + ], + "description": "List all users existing in this instance.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "List all users", + "parameters": [ + { + "type": "string", + "format": "uuid", + "description": "used for pagination.", + "name": "afterId", + "in": "query" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + }, + "400": { + "description": "Invalid after id", + "schema": {} + } + } + }, + "post": { + "description": "Register as a new user and open a session for it", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Register", + "parameters": [ + { + "type": "string", + "description": "The device the created session will be used on", + "name": "device", + "in": "query" + }, + { + "description": "Registration informations", + "name": "user", + "in": "body", + "schema": { + "$ref": "#/definitions/main.RegisterDto" + } + } + ], + "responses": { + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/dbc.Session" + } + }, + "400": { + "description": "Invalid register body", + "schema": {} + }, + "409": { + "description": "Duplicated email or username", + "schema": {} + } + } + } + }, + "/users/me": { + "get": { + "security": [ + { + "Jwt": [] + } + ], + "description": "Get informations about the currently connected user", + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Get me", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + }, + "401": { + "description": "Missing jwt token", + "schema": {} + }, + "403": { + "description": "Invalid jwt token (or expired)", + "schema": {} + } + } + }, + "delete": { + "security": [ + { + "Jwt": [] + } + ], + "description": "Delete your account and all your sessions", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Delete self", + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + } + } + } + }, + "/users/{id}": { + "get": { + "security": [ + { + "Jwt": [ + "users.read" + ] + } + ], + "description": "Get informations about a user from it's id", + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Get user", + "parameters": [ + { + "type": "string", + "format": "uuid", + "description": "The id of the user", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + }, + "404": { + "description": "No user with the given id found", + "schema": {} + } + } + }, + "delete": { + "security": [ + { + "Jwt": [ + "users.delete" + ] + } + ], + "description": "Delete an account and all it's sessions.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "tags": [ + "users" + ], + "summary": "Delete user", + "parameters": [ + { + "type": "string", + "format": "uuid", + "description": "User id of the user to delete", + "name": "id", + "in": "path" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/main.User" + } + }, + "404": { + "description": "Invalid user id", + "schema": {} + } + } + } + } + }, + "definitions": { + "dbc.Session": { + "type": "object", + "properties": { + "createdDate": { + "type": "string" + }, + "device": { + "type": "string" + }, + "id": { + "type": "string" + }, + "lastUsed": { + "type": "string" + }, + "pk": { + "type": "integer" + }, + "token": { + "type": "string" + }, + "userPk": { + "type": "integer" + } + } + }, + "main.Info": { + "type": "object", + "properties": { + "publicKey": { + "description": "The public key used to sign jwt tokens. It can be used by your services to check if the jwt is valid.", + "type": "string" + } + } + }, + "main.Jwt": { + "type": "object", + "properties": { + "token": { + "description": "The jwt token you can use for all authorized call to either keibi or other services.", + "type": "string" + } + } + }, + "main.LoginDto": { + "type": "object", + "required": [ + "login", + "password" + ], + "properties": { + "login": { + "description": "Either the email or the username.", + "type": "string" + }, + "password": { + "description": "Password of the account.", + "type": "string" + } + } + }, + "main.OidcHandle": { + "type": "object", + "properties": { + "id": { + "description": "Id of this oidc handle.", + "type": "string" + }, + "profileUrl": { + "description": "Link to the profile of the user on the external service. Null if unknown or irrelevant.", + "type": "string", + "format": "url" + }, + "username": { + "description": "Username of the user on the external service.", + "type": "string" + } + } + }, + "main.RegisterDto": { + "type": "object", + "required": [ + "email", + "password", + "username" + ], + "properties": { + "email": { + "description": "Valid email that could be used for forgotten password requests. Can be used for login.", + "type": "string", + "format": "email" + }, + "password": { + "description": "Password to use.", + "type": "string" + }, + "username": { + "description": "Username of the new account, can't contain @ signs. Can be used for login.", + "type": "string" + } + } + }, + "main.Session": { + "type": "object", + "properties": { + "createdDate": { + "description": "When was the session first opened", + "type": "string" + }, + "device": { + "description": "Device that created the session.", + "type": "string" + }, + "id": { + "description": "Unique id of this session. Can be used for calls to DELETE", + "type": "string" + }, + "lastUsed": { + "description": "Last date this session was used to access a service.", + "type": "string" + } + } + }, + "main.User": { + "type": "object", + "properties": { + "claims": { + "description": "List of custom claims JWT created via get /jwt will have", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "createdDate": { + "description": "When was this account created?", + "type": "string" + }, + "email": { + "description": "Email of the user. Can be used as a login.", + "type": "string", + "format": "email" + }, + "id": { + "description": "Id of the user.", + "type": "string" + }, + "lastSeen": { + "description": "When was the last time this account made any authorized request?", + "type": "string" + }, + "oidc": { + "description": "List of other login method available for this user. Access tokens wont be returned here.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/main.OidcHandle" + } + }, + "username": { + "description": "Username of the user. Can be used as a login.", + "type": "string" + } + } + } + }, + "securityDefinitions": { + "Jwt": { + "type": "apiKey", + "name": "Authorization", + "in": "header" + }, + "Token": { + "type": "apiKey", + "name": "Authorization", + "in": "header" + } + } +} \ No newline at end of file diff --git a/auth/docs/swagger.yaml b/auth/docs/swagger.yaml new file mode 100644 index 00000000..38ada431 --- /dev/null +++ b/auth/docs/swagger.yaml @@ -0,0 +1,426 @@ +basePath: /auth +definitions: + dbc.Session: + properties: + createdDate: + type: string + device: + type: string + id: + type: string + lastUsed: + type: string + pk: + type: integer + token: + type: string + userPk: + type: integer + type: object + main.Info: + properties: + publicKey: + description: The public key used to sign jwt tokens. It can be used by your + services to check if the jwt is valid. + type: string + type: object + main.Jwt: + properties: + token: + description: The jwt token you can use for all authorized call to either keibi + or other services. + type: string + type: object + main.LoginDto: + properties: + login: + description: Either the email or the username. + type: string + password: + description: Password of the account. + type: string + required: + - login + - password + type: object + main.OidcHandle: + properties: + id: + description: Id of this oidc handle. + type: string + profileUrl: + description: Link to the profile of the user on the external service. Null + if unknown or irrelevant. + format: url + type: string + username: + description: Username of the user on the external service. + type: string + type: object + main.RegisterDto: + properties: + email: + description: Valid email that could be used for forgotten password requests. + Can be used for login. + format: email + type: string + password: + description: Password to use. + type: string + username: + description: Username of the new account, can't contain @ signs. Can be used + for login. + type: string + required: + - email + - password + - username + type: object + main.Session: + properties: + createdDate: + description: When was the session first opened + type: string + device: + description: Device that created the session. + type: string + id: + description: Unique id of this session. Can be used for calls to DELETE + type: string + lastUsed: + description: Last date this session was used to access a service. + type: string + type: object + main.User: + properties: + claims: + additionalProperties: + type: string + description: List of custom claims JWT created via get /jwt will have + type: object + createdDate: + description: When was this account created? + type: string + email: + description: Email of the user. Can be used as a login. + format: email + type: string + id: + description: Id of the user. + type: string + lastSeen: + description: When was the last time this account made any authorized request? + type: string + oidc: + additionalProperties: + $ref: '#/definitions/main.OidcHandle' + description: List of other login method available for this user. Access tokens + wont be returned here. + type: object + username: + description: Username of the user. Can be used as a login. + type: string + type: object +host: kyoo.zoriya.dev +info: + contact: + name: Repository + url: https://github.com/zoriya/kyoo + description: Auth system made for kyoo. + license: + name: GPL-3.0 + url: https://www.gnu.org/licenses/gpl-3.0.en.html + title: Keibi - Kyoo's auth + version: "1.0" +paths: + /info: + get: + description: Get info like the public key used to sign the jwts. + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.Info' + summary: Info + tags: + - jwt + /jwt: + get: + description: Convert a session token to a short lived JWT. + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.Jwt' + "401": + description: Missing session token + schema: {} + "403": + description: Invalid session token (or expired) + schema: {} + security: + - Token: [] + summary: Get JWT + tags: + - jwt + /sessions: + post: + consumes: + - application/json + description: Login to your account and open a session + parameters: + - description: The device the created session will be used on + in: query + name: device + type: string + - description: Account informations + in: body + name: login + schema: + $ref: '#/definitions/main.LoginDto' + produces: + - application/json + responses: + "201": + description: Created + schema: + $ref: '#/definitions/dbc.Session' + "400": + description: Invalid login body + schema: {} + "403": + description: Invalid password + schema: {} + "404": + description: Account does not exists + schema: {} + "422": + description: User does not have a password (registered via oidc, please + login via oidc) + schema: {} + summary: Login + tags: + - sessions + /sessions/{id}: + delete: + description: Delete a session and logout + parameters: + - description: The id of the session to delete + format: uuid + in: path + name: id + required: true + type: string + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.Session' + "400": + description: Invalid session id + schema: {} + "401": + description: Missing jwt token + schema: {} + "403": + description: Invalid jwt token (or expired) + schema: {} + "404": + description: Session not found with specified id (if not using the /current + route) + schema: {} + security: + - Jwt: [] + summary: Logout + tags: + - sessions + /sessions/current: + delete: + description: Delete a session and logout + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.Session' + "400": + description: Invalid session id + schema: {} + "401": + description: Missing jwt token + schema: {} + "403": + description: Invalid jwt token (or expired) + schema: {} + "404": + description: Session not found with specified id (if not using the /current + route) + schema: {} + security: + - Jwt: [] + summary: Logout + tags: + - sessions + /users: + get: + consumes: + - application/json + description: List all users existing in this instance. + parameters: + - description: used for pagination. + format: uuid + in: query + name: afterId + type: string + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.User' + "400": + description: Invalid after id + schema: {} + security: + - Jwt: + - users.read + summary: List all users + tags: + - users + post: + consumes: + - application/json + description: Register as a new user and open a session for it + parameters: + - description: The device the created session will be used on + in: query + name: device + type: string + - description: Registration informations + in: body + name: user + schema: + $ref: '#/definitions/main.RegisterDto' + produces: + - application/json + responses: + "201": + description: Created + schema: + $ref: '#/definitions/dbc.Session' + "400": + description: Invalid register body + schema: {} + "409": + description: Duplicated email or username + schema: {} + summary: Register + tags: + - users + /users/{id}: + delete: + consumes: + - application/json + description: Delete an account and all it's sessions. + parameters: + - description: User id of the user to delete + format: uuid + in: path + name: id + type: string + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.User' + "404": + description: Invalid user id + schema: {} + security: + - Jwt: + - users.delete + summary: Delete user + tags: + - users + get: + description: Get informations about a user from it's id + parameters: + - description: The id of the user + format: uuid + in: path + name: id + required: true + type: string + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.User' + "404": + description: No user with the given id found + schema: {} + security: + - Jwt: + - users.read + summary: Get user + tags: + - users + /users/me: + delete: + consumes: + - application/json + description: Delete your account and all your sessions + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.User' + security: + - Jwt: [] + summary: Delete self + tags: + - users + get: + description: Get informations about the currently connected user + produces: + - application/json + responses: + "200": + description: OK + schema: + $ref: '#/definitions/main.User' + "401": + description: Missing jwt token + schema: {} + "403": + description: Invalid jwt token (or expired) + schema: {} + security: + - Jwt: [] + summary: Get me + tags: + - users +securityDefinitions: + Jwt: + in: header + name: Authorization + type: apiKey + Token: + in: header + name: Authorization + type: apiKey +swagger: "2.0"