
Commit d048993

author
Frantz Kati
committed
feat(docs): add API responses support to rest api docs
- Add authentication to documentation
1 parent 1219f30 commit d048993


6 files changed

+220
-153
lines changed


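--- a/packages/auth/src/index.ts
+++ b/packages/auth/src/index.ts
@@ -386,18 +386,12 @@ class Auth {
 .hideFromNavigation()
 .fields([
 belongsTo(this.config.userResource).nullable(),
-textarea('Access Token')
-.hidden()
-.hideFromApi()
-.hideOnUpdate()
-.hideOnIndex()
-.hideOnDetail()
-.hideOnCreate(),
-text('Email'),
+textarea('Access Token').hidden().hideFromApi(),
+text('Email').hidden(),
 textarea('Temporal Token').nullable().hidden(),
 json('Payload').hidden().hideFromApi(),
 text('Provider').rules('required'),
-text('Provider User ID')
+text('Provider User ID').hidden()
 ])
 }
 
@@ -562,7 +556,7 @@ class Auth {
 return {}
 })
 .afterCoreRoutesSetup(
-async ({ graphQlQueries, routes, apiPath }) => {
+async ({ graphQlQueries, routes, apiPath, app }) => {
 graphQlQueries.forEach(query => {
 if (query.config.resource) {
 const { path, internal } = query.config
@@ -623,7 +617,40 @@ class Auth {
 }
 })
 
+app.use(async (request, response, next) => {
+await this.getAuthUserFromContext(request as any)
+
+return next()
+})
+
+app.use(async (request, response, next) => {
+await this.setAuthUserForPublicRoutes(request as any)
+
+return next()
+})
+
 routes.forEach(route => {
+route.middleware([
+async (request, response, next) => {
+const authorizers = await Promise.all(
+route.config.authorize.map(fn =>
+fn(request as any)
+)
+)
+
+if (
+authorizers.filter(authorized => authorized)
+.length !==
+route.config.authorize.length
+) {
+return response.status(401).json({
+message: `Unauthorized.`
+})
+}
+
+next()
+}
+])
 if (route.config.resource) {
 const {
 resource,
@@ -634,6 +661,18 @@ class Auth {
 
 const { slugSingular, slugPlural } = resource.data
 
+route.extend({
+...route.config.extend,
+docs: {
+...route.config.extend?.docs,
+security: [
+{
+Bearer: []
+}
+]
+}
+})
+
 if (
 path === `/${apiPath}/${slugPlural}` &&
 type === 'POST' &&
@@ -700,42 +739,6 @@ class Auth {
 )
 }
 }
-
-route.middleware([
-async (request, response, next) => {
-await this.getAuthUserFromContext(
-request as any
-)
-
-return next()
-},
-async (request, response, next) => {
-await this.setAuthUserForPublicRoutes(
-request as any
-)
-
-return next()
-},
-async (request, response, next) => {
-const authorizers = await Promise.all(
-route.config.authorize.map(fn =>
-fn(request as any)
-)
-)
-
-if (
-authorizers.filter(authorized => authorized)
-.length !==
-route.config.authorize.length
-) {
-return response.status(401).json({
-message: `Unauthorized.`
-})
-}
-
-next()
-}
-])
 })
 }
 )
@@ -793,15 +796,13 @@ class Auth {
 }
 }
 })
-.handle(async (request, { formatter: { ok, unprocess } }) =>
-{
-try {
-return ok(await this.login(request as any))
-} catch (error) {
-return unprocess(error)
-}
+.handle(async (request, { formatter: { ok, unprocess } }) => {
+try {
+return ok(await this.login(request as any))
+} catch (error) {
+return unprocess(error)
 }
-),
+}),
 route(`Register ${name}`)
 .path(this.getApiPath('register'))
 .post()
@@ -934,6 +935,7 @@ class Auth {
 summary: `Enable two factor authentication for an existing ${name}.`
 }
 })
+.authorize(({ user }) => user && !user.public)
 .handle(async (request, response) =>
 response.formatter.ok(
 await this.enableTwoFactorAuth(request as any)
@@ -949,6 +951,7 @@ class Auth {
 description: `This endpoint confirms enabling 2fa for an account. A previous call to /${this.config.apiPath}/two-factor/enable is required to generate a 2fa secret for the ${name}'s account.`
 }
 })
+.authorize(({ user }) => user && !user.public)
 .handle(async (request, response) =>
 response.formatter.ok(
 await this.enableTwoFactorAuth(request as any)
@@ -957,12 +960,14 @@ class Auth {
 route(`Disable Two Factor Auth`)
 .path(this.getApiPath('two-factor/disable'))
 .post()
+.authorize(({ user }) => user && !user.public)
 .extend({
 docs: {
 ...extend,
 summary: `Disable two factor authentication for an existing ${name}.`
 }
 })
+.authorize(({ user }) => !!user)
 .handle(async (request, response) =>
 response.formatter.ok(
 await this.disableTwoFactorAuth(request as any)
@@ -971,22 +976,26 @@ class Auth {
 route(`Get authenticated ${name}`)
 .path(this.getApiPath('me'))
 .get()
+.authorize(({ user }) => user && !user.public)
 .extend({
 docs: {
 ...extend,
-summary: `Get the authenticated ${name} from a valid JWT.`
+summary: `Get the authenticated ${name} from a valid JWT.`,
+security: [
+{
+Bearer: []
+}
+]
 }
 })
-.handle(async ({ user }, { formatter: { ok, unauthorized } }) =>
-user && !user.public
-? ok(user)
-: unauthorized({
-message: 'Unauthorized.'
-})
+.handle(
+async ({ user }, { formatter: { ok, unauthorized } }) =>
+user
 ),
 route(`Resend Verification email`)
 .path(this.getApiPath('verification/resend'))
 .post()
+.authorize(({ user }) => user && !user.public)
 .extend({
 docs: {
 ...extend,
@@ -1031,6 +1040,7 @@ class Auth {
 route('Refresh Token')
 .path(this.getApiPath('refresh-token'))
 .post()
+.authorize(({ user }) => user && !user.public)
 .extend({
 docs: {
 ...extend,
@@ -1062,6 +1072,7 @@ class Auth {
 route('Remove refresh Token')
 .path(this.getApiPath('refresh-token'))
 .delete()
+.authorize(({ user }) => user && !user.public)
 .extend({
 docs: {
 ...extend,
@@ -1607,34 +1618,6 @@ class Auth {
 return this.getUserPayload(ctx)
 }
 
-public authMiddleware = async (
-request: Request,
-response: Response,
-next: NextFunction
-) => {
-if (!request.user) {
-return response.status(401).json({
-message: 'Unauthenticated.'
-})
-}
-
-next()
-}
-
-public verifiedMiddleware = async (
-request: Request,
-response: Response,
-next: NextFunction
-) => {
-if (!request.user?.email_verified_at) {
-return response.status(400).json({
-message: 'Unverified.'
-})
-}
-
-next()
-}
-
 public authorizeResolver = async (
 ctx: GraphQLPluginContext,
 query: GraphQlQueryContract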
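Review bot: The `Disable Two Factor Auth` route gets two `.authorize` calls (new lines 963 and 970), and the second, `.authorize(({ user }) => !!user)`, is weaker than the first because it also passes a user flagged `public`. Whether `authorize` appends to or replaces `route.config.authorize` is not visible on this page; if it replaces, the endpoint that turns 2FA off is the one route in this commit that admits such a user, and if it appends the second call is redundant. I would delete line 970 so the route keeps only `.authorize(({ user }) => user && !user.public)`. The route list containing these calls starts and ends outside the hunk.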

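--- a/packages/common/typings/config.d.ts
+++ b/packages/common/typings/config.d.ts
@@ -24,7 +24,7 @@ declare module '@tensei/common/config' {
 
 type EndpointTypes = 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE'
 
-interface RouteExtendContract extends any {}
+interface RouteExtendContract extends Record<string, any> {}
 
 interface RouteContract {
 config: RouteConfig & {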

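--- a/packages/docs/common.d.ts
+++ b/packages/docs/common.d.ts
@@ -8,6 +8,7 @@ declare module '@tensei/common' {
 description?: string
 parameters?: any[]
 definitions?: any
+responses?: any
 }
 }
 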