From 7728759bcd9cf311149ce80f356bdb027b402dd4 Mon Sep 17 00:00:00 2001 From: Nicolai Ort Date: Fri, 8 Jan 2021 18:28:35 +0100 Subject: [PATCH] Added openapi sec scheme for the scan station auth ref #67 --- scripts/openapi_export.ts | 7 ++++++- src/controllers/ScanController.ts | 4 ++-- src/loaders/openapi.ts | 7 ++++++- 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/scripts/openapi_export.ts b/scripts/openapi_export.ts index aec2c69..0902b22 100644 --- a/scripts/openapi_export.ts +++ b/scripts/openapi_export.ts @@ -48,7 +48,12 @@ const spec = routingControllersToSpec( "StatsApiToken": { "type": "http", "scheme": "bearer", - description: "Api token that can be obtained by creating a new stats client (post to /api/statsclients)." + description: "Api token that can be obtained by creating a new stats client (post to /api/statsclients). Only valid for obtaining stats." + }, + "StationApiToken": { + "type": "http", + "scheme": "bearer", + description: "Api token that can be obtained by creating a new scan station (post to /api/stations). Only valid for creating scans." } } }, diff --git a/src/controllers/ScanController.ts b/src/controllers/ScanController.ts index c716b50..ed7df91 100644 --- a/src/controllers/ScanController.ts +++ b/src/controllers/ScanController.ts @@ -55,7 +55,7 @@ export class ScanController { @UseBefore(ScanAuth) @ResponseSchema(ResponseScan) @ResponseSchema(RunnerNotFoundError, { statusCode: 404 }) - @OpenAPI({ description: 'Create a new scan.
Please remeber to provide the scan\'s runner\'s id and distance for normal scans.' }) + @OpenAPI({ description: 'Create a new scan.
Please remeber to provide the scan\'s runner\'s id and distance for normal scans.', security: [{ "ScanApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] }) async post(@Body({ validate: true }) createScan: CreateScan) { let scan = await createScan.toScan(); scan = await this.scanRepository.save(scan); @@ -66,7 +66,7 @@ export class ScanController { @UseBefore(ScanAuth) @ResponseSchema(ResponseScan) @ResponseSchema(RunnerNotFoundError, { statusCode: 404 }) - @OpenAPI({ description: 'Create a new track scan.
This is just a alias for posting /scans' }) + @OpenAPI({ description: 'Create a new track scan.
This is just a alias for posting /scans', security: [{ "ScanApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] }) async postTrackScans(@Body({ validate: true }) createScan: CreateTrackScan) { return this.post(createScan); } diff --git a/src/loaders/openapi.ts b/src/loaders/openapi.ts index 5ab892c..bd8318c 100644 --- a/src/loaders/openapi.ts +++ b/src/loaders/openapi.ts @@ -39,7 +39,12 @@ export default async (app: Application) => { "StatsApiToken": { "type": "http", "scheme": "bearer", - description: "Api token that can be obtained by creating a new stats client (post to /api/statsclients)." + description: "Api token that can be obtained by creating a new stats client (post to /api/statsclients). Only valid for obtaining stats." + }, + "StationApiToken": { + "type": "http", + "scheme": "bearer", + description: "Api token that can be obtained by creating a new scan station (post to /api/stations). Only valid for creating scans." } } },