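# Every path in this document is relative to this prefix.
basePath: /v1
# Request and response schemas referenced from the operations via $ref.
definitions:
  # Body of POST /auth/login.
  # NOTE(review): neither field declares a format or maxLength, so this
  # document puts no upper bound on credential size; confirm the handler caps
  # input length before the password is processed.
  handlers.LoginRequest:
    properties:
      email:
        type: string
      password:
        type: string
    required:
      - email
      - password
    type: object
  # Body of POST /auth/refresh; the refresh token is the only credential.
  handlers.RefreshRequest:
    properties:
      refresh_token:
        type: string
    required:
      - refresh_token
    type: object
  # Body of POST /auth/register.
  handlers.RegisterRequest:
    properties:
      email:
        type: string
      password:
        # NOTE(review): a 6-character minimum is below the 8-character floor
        # NIST SP 800-63B sets for user-chosen passwords, and no maxLength is
        # declared. Presumably this mirrors the server's validation rule, so
        # any change has to be made there — confirm.
        minLength: 6
        type: string
      username:
        minLength: 3
        type: string
    required:
      - email
      - password
      - username
    type: object
  # Entry returned by the /settings/cors/blacklist operations.
  models.CorsBlacklist:
    properties:
      created_at:
        type: string
      created_by:
        type: string
      id:
        type: string
      is_active:
        type: boolean
      origin:
        type: string
      reason:
        type: string
      updated_at:
        type: string
    type: object
  # Entry returned by the /settings/cors/whitelist operations.
  # NOTE(review): origin is an unconstrained string. Confirm the server only
  # stores exact scheme://host[:port] values and rejects "*" and "null"; an
  # over-broad entry can expose API responses to unintended sites.
  models.CorsWhitelist:
    properties:
      created_at:
        type: string
      created_by:
        type: string
      description:
        type: string
      id:
        type: string
      is_active:
        type: boolean
      origin:
        type: string
      updated_at:
        type: string
    type: object
  # A single permission; embedded in models.Role.
  models.Permission:
    properties:
      description:
        type: string
      id:
        type: integer
      name:
        # Example permission names.
        description: user:read, user:write
        type: string
    type: object
  # Rate limit rule returned by GET /settings/ratelimit.
  # NOTE(review): max_requests and window_seconds declare no minimum. Confirm
  # the server rejects zero and negative values so that an update cannot
  # silently disable or break a limiter.
  models.RateLimitSetting:
    properties:
      created_at:
        type: string
      description:
        type: string
      id:
        type: string
      is_active:
        type: boolean
      max_requests:
        # Turkish: "maximum number of requests".
        description: Max istek sayısı
        type: integer
      name:
        description: e.g., "login", "register", "api"
        type: string
      updated_at:
        type: string
      updated_by:
        type: string
      window_seconds:
        # Turkish: "time window (seconds)".
        description: Zaman penceresi (saniye)
        type: integer
    type: object
  # A role and the permissions attached to it; embedded in models.User.
  models.Role:
    properties:
      description:
        type: string
      id:
        type: integer
      name:
        # Example role names.
        description: admin, user
        type: string
      permissions:
        items:
          $ref: '#/definitions/models.Permission'
        type: array
    type: object
  # A linked OAuth identity; embedded in models.User.
  models.SocialAccount:
    properties:
      avatar_url:
        description: Avatar URL from provider
        type: string
      created_at:
        type: string
      email:
        type: string
      id:
        type: string
      name:
        description: Full name from provider
        type: string
      provider:
        description: google, github
        type: string
      provider_id:
        type: string
      updated_at:
        type: string
      user_id:
        type: string
    type: object
  # User record returned by the profile and admin user operations. The schema
  # declares no password or password-hash property.
  models.User:
    properties:
      avatar:
        # NOTE(review): may hold a provider-supplied URL; clients should treat
        # it as untrusted input when rendering it.
        description: Avatar URL from OAuth or uploaded
        type: string
      created_at:
        type: string
      email:
        type: string
      email_verified:
        # The second line of this description is an implementation note about
        # the server-side model rather than API behaviour.
        description: |-
          Email verification: only required for email/password registration; OAuth users are treated as verified
          Changed to *bool to handle false values correctly with GORM defaults
        type: boolean
      email_verified_at:
        type: string
      id:
        type: string
      roles:
        items:
          $ref: '#/definitions/models.Role'
        type: array
      social_accounts:
        items:
          $ref: '#/definitions/models.SocialAccount'
        type: array
      updated_at:
        type: string
      username:
        type: string
    type: object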
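# API metadata shown by Swagger tooling.
info:
  # NOTE(review): the contact object is empty, so consumers of this
  # authentication service have no documented place to report a security
  # issue; consider filling in name/email/url.
  contact: {}
  description: Centralized Authentication Service
  title: GAuth-Central API
  # Quoted so the version stays a string rather than the float 1.0.
  version: "1.0"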
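# Operations, keyed by route (relative to basePath).
# NOTE(review): several body parameters below are declared as a bare
# `type: object`, so the accepted fields are undocumented and no request
# validation can be generated from this document for those operations.
paths:
  # --- Admin user management -------------------------------------------------
  # NOTE(review): "Admin only" appears only in the summaries. The declared
  # security requirement is the same ApiKeyAuth used by ordinary user routes,
  # so the role check is not visible here; confirm it is enforced server-side
  # on every /admin route. No 401 or 403 response is documented for any of
  # these operations.
  /admin/users:
    get:
      parameters:
        - default: 1
          description: Page number
          in: query
          name: page
          type: integer
        # NOTE(review): no maximum is declared; confirm the server caps the
        # page size.
        - default: 10
          description: Items per page
          in: query
          name: limit
          type: integer
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Get all users (Admin only)
      tags:
        - Admin - User Management
    post:
      consumes:
        - multipart/form-data
      parameters:
        - description: Email
          in: formData
          name: email
          required: true
          type: string
        # NOTE(review): no length constraint is documented here, whereas
        # handlers.RegisterRequest declares minLength 6 for self-registration;
        # confirm the same password policy applies to admin-created accounts.
        - description: Password
          in: formData
          name: password
          required: true
          type: string
        - description: Username
          in: formData
          name: user_name
          required: true
          type: string
        - description: Email verified
          in: formData
          name: email_verified
          type: boolean
        # NOTE(review): roles arrive as free text; confirm each name is
        # checked against the existing roles before it is assigned.
        - description: 'Roles (comma separated: admin,user)'
          in: formData
          name: roles
          type: string
        # NOTE(review): no size or content-type limit is documented for the
        # upload; confirm the handler enforces both.
        - description: Avatar image
          in: formData
          name: avatar
          type: file
      produces:
        - application/json
      responses:
        "201":
          description: Created
          schema:
            $ref: '#/definitions/models.User'
      security:
        - ApiKeyAuth: []
      summary: Create new user (Admin only)
      tags:
        - Admin - User Management
  /admin/users/{id}:
    delete:
      parameters:
        - description: User ID
          in: path
          name: id
          required: true
          type: string
        # hard=true is documented as permanent; the default is a soft delete
        # that POST /admin/users/{id}/restore can undo.
        # NOTE(review): confirm hard deletes are recorded in an audit log.
        - default: false
          description: Hard delete (permanent)
          in: query
          name: hard
          type: boolean
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Delete user (Admin only)
      tags:
        - Admin - User Management
    get:
      parameters:
        - description: User ID
          in: path
          name: id
          required: true
          type: string
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/models.User'
      security:
        - ApiKeyAuth: []
      summary: Get user by ID (Admin only)
      tags:
        - Admin - User Management
    # Same form fields as POST /admin/users, all optional; the review notes
    # on password, roles and avatar there apply here as well.
    put:
      consumes:
        - multipart/form-data
      parameters:
        - description: User ID
          in: path
          name: id
          required: true
          type: string
        - description: Email
          in: formData
          name: email
          type: string
        - description: Password
          in: formData
          name: password
          type: string
        - description: Username
          in: formData
          name: user_name
          type: string
        - description: Email verified
          in: formData
          name: email_verified
          type: boolean
        - description: 'Roles (comma separated: admin,user)'
          in: formData
          name: roles
          type: string
        - description: Avatar image
          in: formData
          name: avatar
          type: file
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Update user (Admin only)
      tags:
        - Admin - User Management
  /admin/users/{id}/avatar:
    post:
      consumes:
        - multipart/form-data
      parameters:
        - description: User ID
          in: path
          name: id
          required: true
          type: string
        - description: Avatar image file
          in: formData
          name: avatar
          required: true
          type: file
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Upload avatar for any user (Admin only)
      tags:
        - Admin - User Management
  /admin/users/{id}/restore:
    post:
      parameters:
        - description: User ID
          in: path
          name: id
          required: true
          type: string
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Restore a soft deleted user (Admin only)
      tags:
        - Admin - User Management
  /admin/users/{id}/roles:
    post:
      consumes:
        - application/json
      parameters:
        - description: User ID
          in: path
          name: id
          required: true
          type: string
        # NOTE(review): the body of this privilege-granting call is an
        # untyped object; document the expected shape and confirm unknown
        # role names are rejected.
        - description: Roles
          in: body
          name: roles
          required: true
          schema:
            type: object
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Assign roles to user (Admin only)
      tags:
        - Admin - User Management
  /admin/users/{id}/roles/{role}:
    delete:
      parameters:
        - description: User ID
          in: path
          name: id
          required: true
          type: string
        - description: Role name
          in: path
          name: role
          required: true
          type: string
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Remove role from user (Admin only)
      tags:
        - Admin - User Management
  /admin/users/deleted:
    get:
      parameters:
        - default: 1
          description: Page number
          in: query
          name: page
          type: integer
        - default: 10
          description: Items per page
          in: query
          name: limit
          type: integer
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Get all soft deleted users (Admin only)
      tags:
        - Admin - User Management
  /admin/users/search:
    get:
      parameters:
        - description: Search query
          in: query
          name: q
          required: true
          type: string
        - default: 1
          description: Page number
          in: query
          name: page
          type: integer
        - default: 10
          description: Items per page
          in: query
          name: limit
          type: integer
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Search users (Admin only)
      tags:
        - Admin - User Management
  # --- Authentication --------------------------------------------------------
  /auth/{provider}:
    get:
      description: Redirect to OAuth2 provider
      parameters:
        # NOTE(review): the accepted values are named only in the description;
        # an `enum` would let tooling reject other provider names.
        - description: Provider (google, github)
          in: path
          name: provider
          required: true
          type: string
      # NOTE(review): Swagger 2.0 requires at least one response per
      # operation, so this empty map fails validation; the redirect itself
      # is undocumented.
      responses: {}
      summary: Start OAuth2 flow
      tags:
        - oauth
  /auth/{provider}/callback:
    # NOTE(review): the provider's `code` and `state` query parameters are not
    # documented. Confirm the handler checks `state` against the value issued
    # when the flow started; that check is what protects the callback against
    # cross-site request forgery.
    get:
      description: Handle callback from OAuth2 provider
      parameters:
        - description: Provider (google, github)
          in: path
          name: provider
          required: true
          type: string
      responses:
        "200":
          description: OK
          schema:
            additionalProperties:
              type: string
            type: object
        "401":
          description: Unauthorized
          schema:
            additionalProperties:
              type: string
            type: object
      summary: OAuth2 Callback
      tags:
        - oauth
  /auth/login:
    # NOTE(review): no 429 response is documented although
    # models.RateLimitSetting lists "login" as an example limiter name;
    # document the throttling response. Confirm the 401 body is the same for
    # an unknown e-mail and a wrong password so the endpoint does not reveal
    # which accounts exist.
    post:
      consumes:
        - application/json
      description: Login with email and password to get JWT token
      parameters:
        - description: Login Request
          in: body
          name: request
          required: true
          schema:
            $ref: '#/definitions/handlers.LoginRequest'
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties:
              type: string
            type: object
        "400":
          description: Bad Request
          schema:
            additionalProperties:
              type: string
            type: object
        "401":
          description: Unauthorized
          schema:
            additionalProperties:
              type: string
            type: object
      summary: Login user
      tags:
        - auth
  /auth/me:
    get:
      description: Get details of the currently authenticated user
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/models.User'
        "401":
          description: Unauthorized
          schema:
            additionalProperties:
              type: string
            type: object
      security:
        - ApiKeyAuth: []
      summary: Get Current User Profile
      tags:
        - auth
  /auth/refresh:
    # No security requirement is declared: the refresh token in the body is
    # the credential.
    # NOTE(review): this document describes no logout or revoke route;
    # confirm refresh tokens are rotated on use or can otherwise be revoked.
    post:
      consumes:
        - application/json
      description: 'usage: send refresh_token to get new access_token'
      parameters:
        - description: Refresh Request
          in: body
          name: request
          required: true
          schema:
            $ref: '#/definitions/handlers.RefreshRequest'
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties:
              type: string
            type: object
        "400":
          description: Bad Request
          schema:
            additionalProperties:
              type: string
            type: object
        "401":
          description: Unauthorized
          schema:
            additionalProperties:
              type: string
            type: object
      summary: Refresh Access Token
      tags:
        - auth
  /auth/register:
    # NOTE(review): no 429 response is documented although
    # models.RateLimitSetting lists "register" as an example limiter name.
    post:
      consumes:
        - application/json
      description: Register with username, email and password
      parameters:
        - description: Register Request
          in: body
          name: request
          required: true
          schema:
            $ref: '#/definitions/handlers.RegisterRequest'
      produces:
        - application/json
      responses:
        "201":
          description: Created
          schema:
            additionalProperties: true
            type: object
        "400":
          description: Bad Request
          schema:
            additionalProperties:
              type: string
            type: object
      summary: Register a new user
      tags:
        - auth
  /auth/verify-email:
    get:
      description: Verify email with token sent after email/password registration
      parameters:
        # NOTE(review): the token travels in the query string, so it can end
        # up in access logs, browser history and Referer headers; confirm it
        # is single-use and short-lived.
        - description: Verification token
          in: query
          name: token
          required: true
          type: string
      responses:
        "200":
          description: OK
          schema:
            additionalProperties:
              type: string
            type: object
        "400":
          description: Bad Request
          schema:
            additionalProperties:
              type: string
            type: object
      summary: Verify email address
      tags:
        - auth
  # --- Self-service profile --------------------------------------------------
  /profile:
    get:
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            $ref: '#/definitions/models.User'
      security:
        - ApiKeyAuth: []
      summary: Get current user profile
      tags:
        - Profile
    put:
      consumes:
        - multipart/form-data
      parameters:
        - description: Username
          in: formData
          name: user_name
          type: string
        - description: Avatar image
          in: formData
          name: avatar
          type: file
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Update current user profile
      tags:
        - Profile
  /profile/email:
    # NOTE(review): the request body is an untyped object. Confirm the change
    # requires re-authentication (for example the current password) and that
    # the new address is verified before it replaces the old one.
    put:
      consumes:
        - application/json
      parameters:
        - description: Email change request
          in: body
          name: request
          required: true
          schema:
            type: object
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Change email address
      tags:
        - Profile
  /profile/password:
    # NOTE(review): the request body is an untyped object. Confirm the
    # handler requires the current password and document whether existing
    # refresh tokens are invalidated after the change.
    put:
      consumes:
        - application/json
      parameters:
        - description: Password change request
          in: body
          name: request
          required: true
          schema:
            type: object
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Change password
      tags:
        - Profile
  # --- Security settings -----------------------------------------------------
  # NOTE(review): unlike the /admin routes, these summaries carry no
  # "Admin only" marker and the only declared requirement is ApiKeyAuth.
  # CORS lists and rate limits are security controls; confirm an admin role
  # check is enforced server-side on every /settings route.
  /settings/cors/blacklist:
    get:
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            items:
              $ref: '#/definitions/models.CorsBlacklist'
            type: array
      security:
        - ApiKeyAuth: []
      summary: Get all CORS blacklist entries
      tags:
        - Settings
    post:
      consumes:
        - application/json
      parameters:
        - description: Blacklist data
          in: body
          name: blacklist
          required: true
          schema:
            type: object
      produces:
        - application/json
      responses:
        "201":
          description: Created
          schema:
            $ref: '#/definitions/models.CorsBlacklist'
      security:
        - ApiKeyAuth: []
      summary: Create CORS blacklist entry
      tags:
        - Settings
  /settings/cors/blacklist/{id}:
    delete:
      parameters:
        - description: Blacklist ID
          in: path
          name: id
          required: true
          type: string
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Delete CORS blacklist entry
      tags:
        - Settings
    put:
      consumes:
        - application/json
      parameters:
        - description: Blacklist ID
          in: path
          name: id
          required: true
          type: string
        - description: Update data
          in: body
          name: blacklist
          required: true
          schema:
            type: object
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Update CORS blacklist entry
      tags:
        - Settings
  /settings/cors/whitelist:
    get:
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            items:
              $ref: '#/definitions/models.CorsWhitelist'
            type: array
      security:
        - ApiKeyAuth: []
      summary: Get all CORS whitelist entries
      tags:
        - Settings
    post:
      consumes:
        - application/json
      parameters:
        # NOTE(review): the body is an untyped object; confirm the submitted
        # origin is validated as an exact scheme://host[:port] value before
        # it is stored.
        - description: Whitelist data
          in: body
          name: whitelist
          required: true
          schema:
            type: object
      produces:
        - application/json
      responses:
        "201":
          description: Created
          schema:
            $ref: '#/definitions/models.CorsWhitelist'
      security:
        - ApiKeyAuth: []
      summary: Create CORS whitelist entry
      tags:
        - Settings
  /settings/cors/whitelist/{id}:
    delete:
      parameters:
        - description: Whitelist ID
          in: path
          name: id
          required: true
          type: string
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Delete CORS whitelist entry
      tags:
        - Settings
    put:
      consumes:
        - application/json
      parameters:
        - description: Whitelist ID
          in: path
          name: id
          required: true
          type: string
        - description: Update data
          in: body
          name: whitelist
          required: true
          schema:
            type: object
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Update CORS whitelist entry
      tags:
        - Settings
  /settings/ratelimit:
    get:
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            items:
              $ref: '#/definitions/models.RateLimitSetting'
            type: array
      security:
        - ApiKeyAuth: []
      summary: Get all rate limit settings
      tags:
        - Settings
  /settings/ratelimit/{id}:
    put:
      consumes:
        - application/json
      parameters:
        - description: Setting ID
          in: path
          name: id
          required: true
          type: string
        # NOTE(review): the body is an untyped object; confirm the server
        # bounds max_requests and window_seconds so an update cannot switch
        # a limiter off.
        - description: Update data
          in: body
          name: setting
          required: true
          schema:
            type: object
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Update rate limit setting
      tags:
        - Settings
  # --- Avatar for the calling user -------------------------------------------
  /user/avatar:
    delete:
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Delete user avatar
      tags:
        - User
    post:
      consumes:
        - multipart/form-data
      parameters:
        # NOTE(review): no size or content-type limit is documented for the
        # upload; confirm the handler enforces both and does not derive the
        # stored file name from the client-supplied one.
        - description: Avatar image file
          in: formData
          name: avatar
          required: true
          type: file
      produces:
        - application/json
      responses:
        "200":
          description: OK
          schema:
            additionalProperties: true
            type: object
      security:
        - ApiKeyAuth: []
      summary: Upload user avatar
      tags:
        - User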
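# Swagger 2.0 has no HTTP bearer scheme, so the credential is modelled as an
# API key carried in the Authorization header.
# NOTE(review): presumably this is the JWT issued by POST /auth/login, sent
# with a "Bearer " prefix — confirm, and state the expected header format in a
# `description` on the scheme so clients do not have to guess.
# NOTE(review): the document declares no `schemes`; declaring
# `schemes: [https]` tells generated clients not to send this header over
# plain HTTP.
securityDefinitions:
  ApiKeyAuth:
    in: header
    name: Authorization
    type: apiKey
# Quoted so the spec version stays a string rather than the float 2.0.
swagger: "2.0"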