From 5ce5444e4606908aeb6ceaa8cb8604483e56add8 Mon Sep 17 00:00:00 2001 From: Noteworthy Date: Wed, 16 Aug 2023 18:59:03 +1000 Subject: [PATCH] feat: annotate API handlers that requires auth with swag (#46) * feat: annotate API handlers that requires auth with swag * update generated docs * bump go swag dep * feat: add optional auth in swag * fix swagger --- .vscode/settings.json | 1 + Makefile | 20 +++++- docs/docs.go | 146 ++++++++++++++++++++++++++++++++++++++++-- docs/swagger.json | 142 +++++++++++++++++++++++++++++++++++++++- docs/swagger.yaml | 64 +++++++++++++++++- go.mod | 4 +- go.sum | 10 +-- internal/file/api.go | 15 ++++- internal/user/api.go | 21 ++++-- 9 files changed, 402 insertions(+), 21 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index d06b42f..7d8120e 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -13,6 +13,7 @@ "healthcheck", "mpfd", "necsfield", + "Presign", "Robohash", "Taymiyyah", "templater", diff --git a/Makefile b/Makefile index 7ddbf88..90ff561 100644 --- a/Makefile +++ b/Makefile 
@@ -98,6 +98,24 @@ couchbase-init: ## Init couchbase database by creating the cluster and required --enable-flush 0 ; \ done - gen-openapi: ## Generate OpenAPI spec. swag init --parseDepth 2 -g cmd/main.go + + old="- '{}': \[\]" && new="- {}" \ + && sed -i "s|$$old|$$new|g" ${ROOT_DIR}/docs/swagger.yaml + old=' Bearer: \[\]' && new='- Bearer: []' \ + && sed -i "s|$$old|$$new|g" ${ROOT_DIR}/docs/swagger.yaml + + tr -d '\n' < ${ROOT_DIR}/docs/swagger.json > ${ROOT_DIR}/docs/swagger-tmp.json + mv ${ROOT_DIR}/docs/swagger-tmp.json ${ROOT_DIR}/docs/swagger.json + + old='"Bearer": \[\],' && new='"Bearer": \[\]},' \ + && sed -i "s|$$old|$$new|g" ${ROOT_DIR}/docs/swagger.json + old='"{}": \[\] }' && new="{}" \ + && sed -i "s|$$old|$$new|g" ${ROOT_DIR}/docs/swagger.json + + old='"{}":' && new="- {}:" \ + && sed -i "s|$$old|$$new|g" ${ROOT_DIR}/docs/docs.go + +install-swag: ## Install Swag + go install github.com/swaggo/swag/cmd/swag@latest diff --git a/docs/docs.go b/docs/docs.go index 901ddb1..6ca8be3 100644 --- a/docs/docs.go +++ b/docs/docs.go @@ -1,5 +1,5 @@ -// Package docs GENERATED BY SWAG; DO NOT EDIT -// This file was generated by swaggo/swag +// Code generated by swaggo/swag. DO NOT EDIT. + package docs import "github.com/swaggo/swag" @@ -512,6 +512,11 @@ const docTemplate = `{ }, "/files/": { "get": { + "security": [ + { + "Bearer": [] + } + ], "description": "List files", "consumes": [ "application/json" @@ -582,8 +587,7 @@ const docTemplate = `{ "post": { "security": [ { - "ApiKeyAuth": [], - "{}": [] + "Bearer": [] } ], "description": "Upload file for analysis.", @@ -690,6 +694,11 @@ const docTemplate = `{ } }, "put": { + "security": [ + { + "Bearer": [] + } + ], "description": "Replace a file report with a new report", "consumes": [ "application/json" @@ -738,6 +747,11 @@ const docTemplate = `{ } }, "delete": { + "security": [ + { + "Bearer": [] + } + ], "description": "Deletes a file by ID.", "consumes": [ "application/json" 
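Review bot: The last rewrite in `gen-openapi`, `old='"{}":' && new="- {}:"` applied to `docs/docs.go`, puts YAML list syntax inside the JSON `docTemplate`; the regenerated docs.go in this same patch shows `"Bearer": [],` followed by `- {}: []` inside one object, which does not look like valid JSON. docs/swagger.json ends up with a separate empty object (`{ "Bearer": [] }, {}`), so docs.go, presumably the copy the running server registers with swag, is the one left inconsistent; the optional-auth entry there should also become a separate `{}` element of the `security` array, ideally through a JSON-aware step rather than `sed` matching exact whitespace. Separately, `install-swag` installs `swag@latest` while go.mod in this patch pins `github.com/swaggo/swag v1.8.12`; pinning the generator keeps regenerated docs reproducible and avoids running an unreviewed tool version: `go install github.com/swaggo/swag/cmd/swag@v1.8.12`.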
@@ -822,6 +836,11 @@ const docTemplate = `{ } }, "patch": { + "security": [ + { + "Bearer": [] + } + ], "description": "Patch a portion of a file report.", "consumes": [ "application/json" @@ -872,6 +891,12 @@ const docTemplate = `{ }, "/files/{sha256}/comments/": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "List of comments for a given file.", "produces": [ "application/json" @@ -919,6 +944,11 @@ const docTemplate = `{ }, "/files/{sha256}/download/": { "get": { + "security": [ + { + "Bearer": [] + } + ], "description": "Download a binary file. Files are in zip format and password protected.", "produces": [ "multipart/form-data" @@ -960,6 +990,11 @@ const docTemplate = `{ }, "/files/{sha256}/generate-presigned-url/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Generate a pre-signed URL to download samples directly from the object storage.", "produces": [ "application/json" @@ -1001,6 +1036,11 @@ const docTemplate = `{ }, "/files/{sha256}/like/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Adds a file to the like list.", "produces": [ "application/json" @@ -1048,6 +1088,11 @@ const docTemplate = `{ }, "/files/{sha256}/rescan/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Rescan an existing file.", "produces": [ "application/json" @@ -1151,6 +1196,12 @@ const docTemplate = `{ }, "/files/{sha256}/summary/": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "File metadata returned in the summary view of a file.", "produces": [ "application/json" @@ -1198,6 +1249,11 @@ const docTemplate = `{ }, "/files/{sha256}/unlike/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Removes a file from the like list.", "produces": [ "application/json" 
@@ -1239,6 +1295,11 @@ const docTemplate = `{ }, "/users/": { "get": { + "security": [ + { + "Bearer": [] + } + ], "description": "List users.", "consumes": [ "application/json" @@ -1365,6 +1426,12 @@ const docTemplate = `{ }, "/users/activities/": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "List of activities of a user.", "consumes": [ "application/json" @@ -1420,6 +1487,12 @@ const docTemplate = `{ }, "/users/{username}": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "Retrieves information about a user.", "consumes": [ "application/json" @@ -1470,6 +1543,11 @@ const docTemplate = `{ }, "/users/{username}/": { "delete": { + "security": [ + { + "Bearer": [] + } + ], "description": "Deletes a user by ID.", "produces": [ "application/json" @@ -1515,6 +1593,11 @@ const docTemplate = `{ } }, "patch": { + "security": [ + { + "Bearer": [] + } + ], "description": "Replace a user document with a new user's document.", "consumes": [ "application/json" @@ -1574,6 +1657,11 @@ const docTemplate = `{ }, "/users/{username}/avatar/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Change user avatar", "consumes": [ "application/json" @@ -1645,6 +1733,12 @@ const docTemplate = `{ }, "/users/{username}/comments/": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "List of comments by a user.", "consumes": [ "application/json" @@ -1707,6 +1801,11 @@ const docTemplate = `{ }, "/users/{username}/email/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Change email for logged-in users.", "consumes": [ "application/json" @@ -1766,6 +1865,11 @@ const docTemplate = `{ }, "/users/{username}/follow/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Start following a user.", "consumes": [ "application/json" 
@@ -1816,6 +1920,12 @@ const docTemplate = `{ }, "/users/{username}/followers/": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "List of users who follow a user.", "consumes": [ "application/json" @@ -1878,6 +1988,12 @@ const docTemplate = `{ }, "/users/{username}/following/": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "List of users a user follows.", "consumes": [ "application/json" @@ -1940,6 +2056,12 @@ const docTemplate = `{ }, "/users/{username}/likes/": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "List of likes of a user.", "consumes": [ "application/json" @@ -2002,6 +2124,11 @@ const docTemplate = `{ }, "/users/{username}/password/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Change password for logged-in users.", "consumes": [ "application/json" @@ -2061,6 +2188,12 @@ const docTemplate = `{ }, "/users/{username}/submissions/": { "get": { + "security": [ + { + "Bearer": [], + - {}: [] + } + ], "description": "List of submissions by a user.", "consumes": [ "application/json" @@ -2123,6 +2256,11 @@ const docTemplate = `{ }, "/users/{username}/unfollow/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Stop following a user.", "consumes": [ "application/json" diff --git a/docs/swagger.json b/docs/swagger.json index 1f5aff4..156813d 100644 --- a/docs/swagger.json +++ b/docs/swagger.json @@ -508,6 +508,11 @@ }, "/files/": { "get": { + "security": [ + { + "Bearer": [] + } + ], "description": "List files", "consumes": [ "application/json" @@ -578,8 +583,7 @@ "post": { "security": [ { - "ApiKeyAuth": [], - "{}": [] + "Bearer": [] } ], "description": "Upload file for analysis.", @@ -686,6 +690,11 @@ } }, "put": { + "security": [ + { + "Bearer": [] + } + ], "description": "Replace a file report with a new report", "consumes": [ "application/json" 
@@ -734,6 +743,11 @@ } }, "delete": { + "security": [ + { + "Bearer": [] + } + ], "description": "Deletes a file by ID.", "consumes": [ "application/json" @@ -818,6 +832,11 @@ } }, "patch": { + "security": [ + { + "Bearer": [] + } + ], "description": "Patch a portion of a file report.", "consumes": [ "application/json" @@ -868,6 +887,12 @@ }, "/files/{sha256}/comments/": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "List of comments for a given file.", "produces": [ "application/json" @@ -915,6 +940,11 @@ }, "/files/{sha256}/download/": { "get": { + "security": [ + { + "Bearer": [] + } + ], "description": "Download a binary file. Files are in zip format and password protected.", "produces": [ "multipart/form-data" @@ -956,6 +986,11 @@ }, "/files/{sha256}/generate-presigned-url/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Generate a pre-signed URL to download samples directly from the object storage.", "produces": [ "application/json" @@ -997,6 +1032,11 @@ }, "/files/{sha256}/like/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Adds a file to the like list.", "produces": [ "application/json" @@ -1044,6 +1084,11 @@ }, "/files/{sha256}/rescan/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Rescan an existing file.", "produces": [ "application/json" @@ -1147,6 +1192,12 @@ }, "/files/{sha256}/summary/": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "File metadata returned in the summary view of a file.", "produces": [ "application/json" @@ -1194,6 +1245,11 @@ }, "/files/{sha256}/unlike/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Removes a file from the like list.", "produces": [ "application/json" @@ -1235,6 +1291,11 @@ }, "/users/": { "get": { + "security": [ + { + "Bearer": [] + } + ], "description": "List users.", "consumes": [ "application/json" 
@@ -1361,6 +1422,12 @@ }, "/users/activities/": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "List of activities of a user.", "consumes": [ "application/json" @@ -1416,6 +1483,12 @@ }, "/users/{username}": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "Retrieves information about a user.", "consumes": [ "application/json" @@ -1466,6 +1539,11 @@ }, "/users/{username}/": { "delete": { + "security": [ + { + "Bearer": [] + } + ], "description": "Deletes a user by ID.", "produces": [ "application/json" @@ -1511,6 +1589,11 @@ } }, "patch": { + "security": [ + { + "Bearer": [] + } + ], "description": "Replace a user document with a new user's document.", "consumes": [ "application/json" @@ -1570,6 +1653,11 @@ }, "/users/{username}/avatar/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Change user avatar", "consumes": [ "application/json" @@ -1641,6 +1729,12 @@ }, "/users/{username}/comments/": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "List of comments by a user.", "consumes": [ "application/json" @@ -1703,6 +1797,11 @@ }, "/users/{username}/email/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Change email for logged-in users.", "consumes": [ "application/json" @@ -1762,6 +1861,11 @@ }, "/users/{username}/follow/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Start following a user.", "consumes": [ "application/json" @@ -1812,6 +1916,12 @@ }, "/users/{username}/followers/": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "List of users who follow a user.", "consumes": [ "application/json" @@ -1874,6 +1984,12 @@ }, "/users/{username}/following/": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "List of users a user follows.", "consumes": [ "application/json" 
@@ -1936,6 +2052,12 @@ }, "/users/{username}/likes/": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "List of likes of a user.", "consumes": [ "application/json" @@ -1998,6 +2120,11 @@ }, "/users/{username}/password/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Change password for logged-in users.", "consumes": [ "application/json" @@ -2057,6 +2184,12 @@ }, "/users/{username}/submissions/": { "get": { + "security": [ + { + "Bearer": [] + }, + {} + ], "description": "List of submissions by a user.", "consumes": [ "application/json" @@ -2119,6 +2252,11 @@ }, "/users/{username}/unfollow/": { "post": { + "security": [ + { + "Bearer": [] + } + ], "description": "Stop following a user.", "consumes": [ "application/json" diff --git a/docs/swagger.yaml b/docs/swagger.yaml index a41833f..fcf325c 100644 --- a/docs/swagger.yaml +++ b/docs/swagger.yaml @@ -671,6 +671,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Retrieves a paginated list of files tags: - File @@ -708,8 +710,7 @@ paths: schema: $ref: '#/definitions/errors.ErrorResponse' security: - - '{}': [] - ApiKeyAuth: [] + - Bearer: [] summary: Submit a new file for scanning tags: - File @@ -743,6 +744,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Deletes a file tags: - File @@ -831,6 +834,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Update a file report (partial update) tags: - File @@ -863,6 +868,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Update a file report (full update) tags: - File 
@@ -894,6 +901,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: Returns a paginated list of file comments tags: - File @@ -921,6 +931,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Download a file tags: - File @@ -949,6 +961,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Generate a pre-signed URL for downloading samples. tags: - File @@ -980,6 +994,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Like a file tags: - File @@ -1007,6 +1023,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Rescan an existing file tags: - File @@ -1079,6 +1097,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: File summary and metadata tags: - File @@ -1106,6 +1127,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Unlike a file tags: - File @@ -1149,6 +1172,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Retrieves a paginated list of users tags: - User @@ -1219,6 +1244,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: Get user information by user ID tags: - User @@ -1250,6 +1278,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Deletes a user tags: - User 
@@ -1288,6 +1318,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Update a user object (full update) tags: - User @@ -1335,6 +1367,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Update user avatar tags: - User @@ -1376,6 +1410,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: Returns a paginated list of a user's comments tags: - User @@ -1415,6 +1452,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Update email for authenticated users tags: - User @@ -1448,6 +1487,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Follow a user tags: - User @@ -1489,6 +1530,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: Returns a paginated list of a user's followers tags: - User @@ -1530,6 +1574,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: Returns a paginated list of a user's following tags: - User @@ -1571,6 +1618,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: Returns a paginated list of a user's likes tags: - User @@ -1610,6 +1660,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Update password for authenticated users tags: - User 
@@ -1651,6 +1703,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: Returns a paginated list of a user's submissions tags: - User @@ -1684,6 +1739,8 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - Bearer: [] summary: Unfollow a user tags: - User @@ -1720,6 +1777,9 @@ paths: description: Internal Server Error schema: $ref: '#/definitions/errors.ErrorResponse' + security: + - {} + - Bearer: [] summary: Returns a paginated list of a user's activities tags: - Activity diff --git a/go.mod b/go.mod index 412e961..cf9efd3 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/nsqio/go-nsq v1.1.0 github.com/spf13/viper v1.12.0 github.com/stretchr/testify v1.8.2 - github.com/swaggo/swag v1.8.8 + github.com/swaggo/swag v1.8.12 github.com/xhit/go-simple-mail/v2 v2.13.0 github.com/yeka/zip v0.0.0-20180914125537-d046722c6feb go.uber.org/zap v1.21.0 @@ -73,7 +73,7 @@ require ( golang.org/x/sys v0.6.0 // indirect golang.org/x/text v0.8.0 // indirect golang.org/x/time v0.0.0-20201208040808-7e3f01d25324 // indirect - golang.org/x/tools v0.6.0 // indirect + golang.org/x/tools v0.7.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index c8c2e40..71306b9 100644 --- a/go.sum +++ b/go.sum 
@@ -461,8 +461,8 @@ github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/subosito/gotenv v1.3.0 h1:mjC+YW8QpAdXibNi+vNWgzmgBH4+5l5dCXv8cNysBLI= github.com/subosito/gotenv v1.3.0/go.mod h1:YzJjq/33h7nrwdY+iHMhEOEEbW0ovIz0tB6t6PwAXzs= -github.com/swaggo/swag v1.8.8 h1:/GgJmrJ8/c0z4R4hoEPZ5UeEhVGdvsII4JbVDLbR7Xc= -github.com/swaggo/swag v1.8.8/go.mod h1:ezQVUUhly8dludpVk+/PuwJWvLLanB13ygV5Pr9enSk= +github.com/swaggo/swag v1.8.12 h1:pctzkNPu0AlQP2royqX3apjKCQonAnf7KGoxeO4y64w= +github.com/swaggo/swag v1.8.12/go.mod h1:lNfm6Gg+oAq3zRJQNEMBE66LIJKM44mxFqhEEgy2its= github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208 h1:PM5hJF7HVfNWmCjMdEfbuOBNXSVF2cMFGgQTPdKCbwM= github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208/go.mod h1:BzWtXXrXzZUvMacR0oF/fbDDgUPO8L36tDMmRAf14ns= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= 
@@ -553,8 +553,9 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.9.0 h1:KENHtAZL2y3NLMYZeHY9DW8HW8V+kQyJsY/V9JlKvCs= +golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -811,8 +812,9 @@ golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4= +golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 
diff --git a/internal/file/api.go b/internal/file/api.go index aaff2eb..400d4a0 100644 --- a/internal/file/api.go +++ b/internal/file/api.go @@ -31,7 +31,7 @@ func RegisterHandlers(g *echo.Group, service Service, logger log.Logger, res := resource{service, logger, int64(maxFileSize * MB)} - g.GET("/files/", res.list) + g.GET("/files/", res.list, requireLogin) g.POST("/files/", res.create, requireLogin) g.HEAD("/files/:sha256/", res.exists, verifyHash) g.GET("/files/:sha256/", res.get, verifyHash) @@ -112,13 +112,13 @@ func (r resource) get(c echo.Context) error { // @Accept mpfd // @Produce json // @Param file formData file true "binary file" -// @Security ApiKeyAuth || {} // @Success 201 {object} entity.File // @Failure 400 {object} errors.ErrorResponse // @Failure 404 {object} errors.ErrorResponse // @Failure 413 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/ [post] +// @Security Bearer func (r resource) create(c echo.Context) error { ctx := c.Request().Context() @@ -165,6 +165,7 @@ func (r resource) create(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256} [put] +// @Security Bearer func (r resource) update(c echo.Context) error { var isAdmin bool @@ -200,6 +201,7 @@ func (r resource) update(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256} [patch] +// @Security Bearer func (r resource) patch(c echo.Context) error { var isAdmin bool ctx := c.Request().Context() @@ -223,6 +225,7 @@ func (r resource) patch(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256} [delete] +// @Security Bearer func (r resource) delete(c echo.Context) error { var isAdmin bool 
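Review bot: `g.GET("/files/", res.list, requireLogin)` changes runtime behaviour (listing files now needs a login) inside a commit described as swag annotation, so it deserves its own line in the description and a test that an unauthenticated `GET /files/` is rejected. It is also the only route registration this patch touches, while the later hunks add `@Security Bearer` to update, patch, delete, like, unlike, rescan, download and generatePresignedURL in this file and to several handlers in internal/user/api.go. Those annotations only document the requirement; enforcement is the middleware passed in `RegisterHandlers`, whose route list continues outside this hunk, so each annotated handler should be checked against its registration. A short comment above the route list such as `// Keep the middleware below in sync with each handler's @Security annotation.` would make the coupling explicit.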
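Review bot: The scheme name changes from `ApiKeyAuth` to `Bearer` in `// @Security Bearer` on `create`, but no hunk in this patch adds or renames a security definition, and the diffstat does not list cmd/main.go. If the general API comment block still declares the scheme under the old name, every `Bearer` reference in the generated spec points at an undefined scheme and Swagger UI will likely not offer a working Authorize input. Confirm that the general info block declares it, e.g. `// @securityDefinitions.apikey Bearer`, `// @in header`, `// @name Authorization`.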
@@ -253,6 +256,7 @@ func (r resource) delete(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/ [get] +// @Security Bearer func (r resource) list(c echo.Context) error { var isAdmin bool ctx := c.Request().Context() @@ -315,6 +319,7 @@ func (r resource) strings(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256}/summary/ [get] +// @Security Bearer || {} func (r resource) summary(c echo.Context) error { ctx := c.Request().Context() fileSummary, err := r.service.Summary(ctx, c.Param("sha256")) @@ -334,6 +339,7 @@ func (r resource) summary(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256}/comments/ [get] +// @Security Bearer || {} func (r resource) comments(c echo.Context) error { ctx := c.Request().Context() file, err := r.service.Get(ctx, c.Param("sha256"), nil) @@ -361,6 +367,7 @@ func (r resource) comments(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256}/like/ [post] +// @Security Bearer func (r resource) like(c echo.Context) error { ctx := c.Request().Context() err := r.service.Like(ctx, c.Param("sha256")) @@ -382,6 +389,7 @@ func (r resource) like(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256}/unlike/ [post] +// @Security Bearer func (r resource) unlike(c echo.Context) error { ctx := c.Request().Context() err := r.service.Unlike(ctx, c.Param("sha256")) 
@@ -403,6 +411,7 @@ func (r resource) unlike(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256}/rescan/ [post] +// @Security Bearer func (r resource) rescan(c echo.Context) error { ctx := c.Request().Context() err := r.service.Rescan(ctx, c.Param("sha256")) @@ -424,6 +433,7 @@ func (r resource) rescan(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256}/download/ [get] +// @Security Bearer func (r resource) download(c echo.Context) error { ctx := c.Request().Context() var zippedFile string @@ -448,6 +458,7 @@ func (r resource) download(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /files/{sha256}/generate-presigned-url/ [post] +// @Security Bearer func (r resource) generatePresignedURL(c echo.Context) error { ctx := c.Request().Context() preSignedURL, err := r.service.GeneratePresignedURL(ctx, c.Param("sha256")) diff --git a/internal/user/api.go b/internal/user/api.go index 589b6a9..9d439fc 100644 --- a/internal/user/api.go +++ b/internal/user/api.go @@ -70,6 +70,7 @@ type resource struct { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username} [get] +// @Security Bearer || {} func (r resource) get(c echo.Context) error { ctx := c.Request().Context() user, err := r.service.Get(ctx, c.Param("username")) @@ -77,8 +78,7 @@ func (r resource) get(c echo.Context) error { return err } - // Hide the email unless the logged-in user is asking its own - // information. + // Hide the email unless the logged-in user is asking its own information. curUser, ok := ctx.Value(entity.UserKey).(entity.User) if !ok || curUser.ID() != strings.ToLower(c.Param("username")) { user.Email = "" 
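Review bot: `// @Security Bearer || {}` on the user `get` handler marks authentication as optional, but the annotation block does not say what an authenticated caller gains; the body visible here blanks `user.Email` unless the logged-in user matches `username`. State that in the description, e.g. `// @Description Retrieves information about a user. The email field is returned only to the user it belongs to.`, so API consumers do not treat a missing email as an error. The same applies to the other `Bearer || {}` handlers in this file if their responses differ for authenticated callers, which these hunks do not show. The function body continues outside this hunk.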
@@ -123,8 +123,7 @@ func (r resource) create(c echo.Context) error { // Hide sensible data, user.Password = "" - // No need to generate a confirmation email when smtp - // is not configured. + // No need to generate a confirmation email when smtp is not configured. if len(r.templater.EmailRequestTemplate) == 0 { user.Confirmed = true err = r.service.Patch(ctx, user.ID(), "confirmed", true) @@ -183,6 +182,7 @@ func (r resource) create(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/ [patch] +// @Security Bearer func (r resource) update(c echo.Context) error { var input UpdateUserRequest var curUser string @@ -221,6 +221,7 @@ func (r resource) update(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/ [delete] +// @Security Bearer func (r resource) delete(c echo.Context) error { var isAdmin bool @@ -253,6 +254,7 @@ func (r resource) delete(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/ [get] +// @Security Bearer func (r resource) list(c echo.Context) error { var isAdmin bool ctx := c.Request().Context() @@ -288,6 +290,7 @@ func (r resource) list(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/activities/ [get] +// @Security Bearer || {} func (r resource) activities(c echo.Context) error { ctx := c.Request().Context() var id string @@ -321,6 +324,7 @@ func (r resource) activities(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/likes/ [get] +// @Security Bearer || {} func (r resource) likes(c echo.Context) error { ctx := c.Request().Context() count, err := r.service.CountLikes(ctx, c.Param("username")) 
@@ -350,6 +354,7 @@ func (r resource) likes(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/following/ [get] +// @Security Bearer || {} func (r resource) following(c echo.Context) error { ctx := c.Request().Context() count, err := r.service.CountFollowing(ctx, c.Param("username")) @@ -379,6 +384,7 @@ func (r resource) following(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/followers/ [get] +// @Security Bearer || {} func (r resource) followers(c echo.Context) error { ctx := c.Request().Context() count, err := r.service.CountFollowers(ctx, c.Param("username")) @@ -408,6 +414,7 @@ func (r resource) followers(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/submissions/ [get] +// @Security Bearer || {} func (r resource) submissions(c echo.Context) error { ctx := c.Request().Context() count, err := r.service.CountSubmissions(ctx, c.Param("username")) @@ -437,6 +444,7 @@ func (r resource) submissions(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/comments/ [get] +// @Security Bearer || {} func (r resource) comments(c echo.Context) error { ctx := c.Request().Context() count, err := r.service.CountComments(ctx, c.Param("username")) @@ -464,6 +472,7 @@ func (r resource) comments(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/follow/ [post] +// @Security Bearer func (r resource) follow(c echo.Context) error { ctx := c.Request().Context() err := r.service.Follow(ctx, c.Param("username")) 
@@ -491,6 +500,7 @@ func (r resource) follow(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/unfollow/ [post] +// @Security Bearer func (r resource) unFollow(c echo.Context) error { ctx := c.Request().Context() err := r.service.UnFollow(ctx, c.Param("username")) @@ -520,6 +530,7 @@ func (r resource) unFollow(c echo.Context) error { // @Failure 413 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/avatar/ [post] +// @Security Bearer func (r resource) avatar(c echo.Context) error { var curUsername string ctx := c.Request().Context() @@ -581,6 +592,7 @@ func (r resource) avatar(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/password/ [post] +// @Security Bearer func (r resource) password(c echo.Context) error { var req UpdatePasswordRequest ctx := c.Request().Context() @@ -626,6 +638,7 @@ func (r resource) password(c echo.Context) error { // @Failure 404 {object} errors.ErrorResponse // @Failure 500 {object} errors.ErrorResponse // @Router /users/{username}/email/ [post] +// @Security Bearer func (r resource) email(c echo.Context) error { var req UpdateEmailRequest ctx := c.Request().Context()