From ecb815043a2dc4cb453f620eb30598223de74d9a Mon Sep 17 00:00:00 2001 From: Tyler Murphy Date: Thu, 2 Feb 2023 16:15:19 -0500 Subject: [PATCH] api docs --- public/api.html | 542 ++++++++++++++++++++++++++++++++++++++++++++ public/css/api.css | 128 +++++++++++ src/api/posts.rs | 2 +- src/public/pages.rs | 5 + 4 files changed, 676 insertions(+), 1 deletion(-) create mode 100644 public/api.html create mode 100644 public/css/api.css diff --git a/public/api.html b/public/api.html new file mode 100644 index 0000000..6e6086a --- /dev/null +++ b/public/api.html @@ -0,0 +1,542 @@ + + + + + + + + + XSSBook - API Documentation + + + +
+
+
+ POST + /api/auth/register + Registeres a new account +
+
+

Body

+
+ {
+ "firstname" : "[Object"
+ "lastname" : "object]"
+ "email" : "object@object.object"
+ "password" : "i love js"
+ "gender" : "lettuce"
+ "day" : 1
+ "month" : 1
+ "year" : 1970
+ }
+
+

Responses

+
+ 201 + Successfully created new user, auth cookie is returned +
+
+ 400 + Body does not match paramaters +
+
+
+
+
+ POST + /api/auth/login + Logs into an existing account +
+
+

Body

+
+ {
+ "email" : "object@object.object"
+ "password" : "i love js"
+ }
+
+

Responses

+
+ 200 + Successfully logged in, auth cookie is returned +
+
+ 400 + Body does not match paramaters, or email/password is already in use +
+
+
+
+
+ POST + /api/auth/logout + Logs out of an logged in account + auth cookie is required for authentication +
+
+

Responses

+
+ 200 + Successfully logged out +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to log out user +
+
+
+
+
+ POST + /api/posts/create + Creates a new post + auth cookie is required for authentication +
+
+

Body

+
+ {
+ "content" : "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua."
+ }
+
+

Responses

+
+ 201 + Successfully created post +
+
+ 400 + Body does not match paramaters +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to create post +
+
+
+
+
+ POST + /api/posts/page + Load a section of posts from newest to oldest + auth cookie is required for authentication +
+
+

Body

+
+ {
+ "page" : 0
+ }
+
+

Responses

+
+ 200 + Returns posts in application/json +
+
+ 400 + Body does not match paramaters +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to fetch posts +
+
+
+
+
+ POST + /api/posts/user + Load a section of posts from newest to oldest from a specific user + auth cookie is required for authentication +
+
+

Body

+
+ {
+ "user_id" : 3
+ "page" : 0
+ }
+
+

Responses

+
+ 200 + Returns posts in application/json +
+
+ 400 + Body does not match paramaters +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to fetch posts +
+
+
+
+
+ PATCH + /api/posts/comment + Adds a comment to a post + auth cookie is required for authentication +
+
+

Body

+
+ {
+ "content" : "This is a very good post"
+ "post_id" : 0
+ }
+
+

Responses

+
+ 200 + Successfully added comment +
+
+ 400 + Body does not match paramaters +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to add comment +
+
+
+
+
+ PATCH + /api/posts/like + Set like status on a post + auth cookie is required for authentication +
+
+

Body

+
+ {
+ "state" : true
+ "post_id" : 0
+ }
+
+

Responses

+
+ 200 + Successfully set like status +
+
+ 400 + Body does not match paramaters +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to set like status +
+
+
+
+
+ POST + /api/users/load + Load a requested set of users + auth cookie is required for authentication +
+
+

Body

+
+ {
+ "ids" : [0,3,7]
+ }
+
+

Responses

+
+ 200 + Returns users in application/json +
+
+ 400 + Body does not match paramaters +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to fetch users +
+
+
+
+
+ POST + /api/users/page + Load a section of users from newest to oldest + auth cookie is required for authentication +
+
+

Body

+
+ {
+ "page" : 0
+ }
+
+

Responses

+
+ 200 + Returns users in application/json +
+
+ 400 + Body does not match paramaters +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to fetch users +
+
+
+
+
+ POST + /api/users/self + Returns current authenticated user (whoami) + auth cookie is required for authentication +
+
+

Responses

+
+ 200 + Returns authed user in application/json +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to fetch user +
+
+
+
+
+ PUT + /api/users/avatar + Set your current profile avatar + auth cookie is required for authentication +
+
+

Body

+
+ PNG sent as a binary blob +
+

Responses

+
+ 200 + Successfully updated avatar +
+
+ 400 + Invalid PNG or disallowed size +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to update avatar +
+
+
+
+
+ PUT + /api/users/banner + Set your current profile banner + auth cookie is required for authentication +
+
+

Body

+
+ PNG sent as a binary blob +
+

Responses

+
+ 200 + Successfully updated banner +
+
+ 400 + Invalid PNG or disallowed size +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to update banner +
+
+
+
+
+ POST + /api/admin/auth + Authenticates on the admin panel +
+
+

Body

+
+ {
+ "secret" : "admin"
+ }
+
+

Responses

+
+ 200 + Successfully authed, admin cookie returned +
+
+ 400 + Body does match parameters, or invalid admin scret +
+
+
+
+
+ POST + /api/admin/query + Run a SQL query on the database + admin cookie is required for authentication +
+
+

Body

+
+ {
+ "query" : "DROP TABLE users;"
+ }
+
+

Responses

+
+ 200 + Successfully ran SQL query +
+
+ 400 + Body does match parameters +
+
+ 401 + Unauthorized +
+
+ 500 + SQL query error +
+
+
+
+
+ POST + /api/admin/posts + Returns the entire posts table + admin cookie is required for authentication +
+
+

Responses

+
+ 200 + Returns sql table in text/html +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to fetch data +
+
+
+
+
+ POST + /api/admin/users + Returns the entire users table + admin cookie is required for authentication +
+
+

Responses

+
+ 200 + Returns sql table in text/html +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to fetch data +
+
+
+
+
+ POST + /api/admin/sessions + Returns the entire posts sessions + admin cookie is required for authentication +
+
+

Responses

+
+ 200 + Returns sql table in text/html +
+
+ 401 + Unauthorized +
+
+ 500 + Failed to fetch data +
+
+
+
+ \ No newline at end of file diff --git a/public/css/api.css b/public/css/api.css new file mode 100644 index 0000000..8358538 --- /dev/null +++ b/public/css/api.css @@ -0,0 +1,128 @@ +body { + margin: 0; + padding: 0; + background-color: #181818; + overflow-x: hidden; + font-family: sfpro; +} + +#docs { + margin-top: 5.5em; + width: 100%; + display: flex; + flex-direction: column; + align-items: center; +} + +#docs>div { + display: block; + max-width: 100%; + width: 100em; + background-color: #242424; + border-radius: .5em; + padding: 1em; + box-shadow: 0 2px 4px rgba(0, 0, 0, .05), 0 8px 16px rgba(0, 0, 0, .05); + margin-bottom: 2em; +} + +.endpoint { + width: 100%; + height: 3em; + display: flex; + align-items: center; + flex-direction: row; +} + +.method { + font-family: sfprobold; + font-size: 1em; + color: #e2ded6; + display: flex; + justify-content: center; + align-items: center; + border-radius: 3px; + width: 5em; + height: 2em; + margin-left: .5em; +} + +.uri { + margin-left: 1em; + font-size: 1.25em; + display: inline-block; + font-family: sfprobold; +} + +.auth { + flex: 1; + text-align: right; + padding-right: 20px; + font-size: 1.25em; +} + +.desc { + margin-left: 2em; +} + +.info { + width: 100%; + font-family: sfpro; + display: flex; + flex-direction: column; +} + +h2 { + border-bottom: 1px solid #e2ded6; + margin-top: 0; + padding: 10px; + font-size: 20px; +} + +.info div { + width: calc(100% - 4em); + margin-left: 2em; + padding-bottom: .5em; +} + +.ptype { + font-size: 1.25em; + width: 20em; + display: inline-block; +} + +.auth span, .ptype span, .pdesc span { + color: orange; +} + +.bigger { + width: 100%; + margin-left: 2em; +} + +.pdesc { + font-size: 1em; + display: inline-block; +} + +.body { + padding: 20px !important; + width: calc(100% - 4em - 40px) !important; + display: block; + background-color: #181818; +} + +.post { + background-color: #853fe0ff; +} + +.patch { + background-color: #e0773f; +} + +.put { + background-color: #bfa354; +} + +.key { + margin-left: 40px; +} \ No newline at end of file diff --git a/src/api/posts.rs b/src/api/posts.rs index d85fb98..6aa074f 100644 --- a/src/api/posts.rs +++ b/src/api/posts.rs @@ -119,7 +119,7 @@ async fn comment( Json(body): Json, ) -> Response { let Ok(mut post) = Post::from_post_id(body.post_id) else { - return ResponseCode::InternalServerError.text("Failed to fetch posts") + return ResponseCode::InternalServerError.text("Failed to add comment") }; if let Err(err) = post.comment(user.user_id, body.content) { diff --git a/src/public/pages.rs b/src/public/pages.rs index 1614d81..196a441 100644 --- a/src/public/pages.rs +++ b/src/public/pages.rs @@ -48,6 +48,10 @@ async fn admin() -> Response { super::serve("/admin.html").await } +async fn api() -> Response { + super::serve("/api.html").await +} + async fn wordpress(_: Log) -> Response { ResponseCode::ImATeapot.text("Hello i am a teapot owo") } @@ -62,4 +66,5 @@ pub fn router() -> Router { .route("/console", get(console)) .route("/wp-admin", get(wordpress)) .route("/admin", get(admin)) + .route("/docs", get(api)) }