API - CRUD for peers, interfaces and users (#340)

Public REST API implementation to handle peers, interfaces and users. It also includes some simple provisioning endpoints.

The Swagger API documentation is available under /api/v1/doc.html

internal/app/api/v0/handlers/base.go

@@ -1,6 +1,9 @@
 package handlers
 
 import (
+	"net/http"
+	"strings"
+
 	"github.com/gin-contrib/cors"
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-contrib/sessions/memstore"
@@ -10,8 +13,6 @@ import (
 	"github.com/h44z/wg-portal/internal/app/api/v0/model"
 	"github.com/h44z/wg-portal/internal/config"
 	csrf "github.com/utrack/gin-csrf"
-	"net/http"
-	"strings"
 )
 
 type handler interface {
@@ -20,12 +21,12 @@ type handler interface {
 }
 
 // To compile the API documentation use the
-// build_tool
-// command that can be found in the $PROJECT_ROOT/internal/ports/api/build_tool directory.
+// api_build_tool
+// command that can be found in the $PROJECT_ROOT/cmd/api_build_tool directory.
 
-// @title WireGuard Portal API
+// @title WireGuard Portal SPA-UI API
 // @version 0.0
-// @description WireGuard Portal API - a testing API endpoint
+// @description WireGuard Portal API - UI Endpoints
 
 // @contact.name WireGuard Portal Developers
 // @contact.url https://github.com/h44z/wg-portal

internal/app/api/v0/handlers/endpoint_config.go

@@ -4,13 +4,14 @@ import (
 	"bytes"
 	"embed"
 	"fmt"
-	"github.com/gin-gonic/gin"
-	"github.com/h44z/wg-portal/internal/app"
-	"github.com/h44z/wg-portal/internal/app/api/v0/model"
 	"html/template"
 	"net"
 	"net/http"
 	"net/url"
+
+	"github.com/gin-gonic/gin"
+	"github.com/h44z/wg-portal/internal/app"
+	"github.com/h44z/wg-portal/internal/app/api/v0/model"
 )
 
 //go:embed frontend_config.js.gotpl
@@ -63,7 +64,8 @@ func (e configEndpoint) handleConfigJsGet() gin.HandlerFunc {
 			if err == nil {
 				host, port, _ = net.SplitHostPort(parsedReferer.Host)
 			}
-			backendUrl = fmt.Sprintf("http://%s:%s/api/v0", host, port) // override if request comes from frontend started with npm run dev
+			backendUrl = fmt.Sprintf("http://%s:%s/api/v0", host,
+				port) // override if request comes from frontend started with npm run dev
 		}
 		buf := &bytes.Buffer{}
 		err := e.tpl.ExecuteTemplate(buf, "frontend_config.js.gotpl", gin.H{
@@ -96,6 +98,7 @@ func (e configEndpoint) handleSettingsGet() gin.HandlerFunc {
 			MailLinkOnly:              e.app.Config.Mail.LinkOnly,
 			PersistentConfigSupported: e.app.Config.Advanced.ConfigStoragePath != "",
 			SelfProvisioning:          e.app.Config.Core.SelfProvisioningAllowed,
+			ApiAdminOnly:              e.app.Config.Advanced.ApiAdminOnly,
 		})
 	}
 }

internal/app/api/v0/handlers/endpoint_peers.go

@@ -1,12 +1,13 @@
 package handlers
 
 import (
+	"io"
+	"net/http"
+
 	"github.com/gin-gonic/gin"
 	"github.com/h44z/wg-portal/internal/app"
 	"github.com/h44z/wg-portal/internal/app/api/v0/model"
 	"github.com/h44z/wg-portal/internal/domain"
-	"io"
-	"net/http"
 )
 
 type peerEndpoint struct {
@@ -57,7 +58,8 @@ func (e peerEndpoint) handleAllGet() gin.HandlerFunc {
 
 		_, peers, err := e.app.GetInterfaceAndPeers(ctx, domain.InterfaceIdentifier(interfaceId))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -88,7 +90,8 @@ func (e peerEndpoint) handleSingleGet() gin.HandlerFunc {
 
 		peer, err := e.app.GetPeer(ctx, domain.PeerIdentifier(peerId))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -119,7 +122,8 @@ func (e peerEndpoint) handlePrepareGet() gin.HandlerFunc {
 
 		peer, err := e.app.PreparePeer(ctx, domain.InterfaceIdentifier(interfaceId))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -163,7 +167,8 @@ func (e peerEndpoint) handleCreatePost() gin.HandlerFunc {
 
 		newPeer, err := e.app.CreatePeer(ctx, model.NewDomainPeer(&p))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -200,9 +205,11 @@ func (e peerEndpoint) handleCreateMultiplePost() gin.HandlerFunc {
 			return
 		}
 
-		newPeers, err := e.app.CreateMultiplePeers(ctx, domain.InterfaceIdentifier(interfaceId), model.NewDomainPeerCreationRequest(&req))
+		newPeers, err := e.app.CreateMultiplePeers(ctx, domain.InterfaceIdentifier(interfaceId),
+			model.NewDomainPeerCreationRequest(&req))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -246,7 +253,8 @@ func (e peerEndpoint) handleUpdatePut() gin.HandlerFunc {
 
 		updatedPeer, err := e.app.UpdatePeer(ctx, model.NewDomainPeer(&p))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -277,7 +285,8 @@ func (e peerEndpoint) handleDelete() gin.HandlerFunc {
 
 		err := e.app.DeletePeer(ctx, domain.PeerIdentifier(id))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -333,9 +342,10 @@ func (e peerEndpoint) handleConfigGet() gin.HandlerFunc {
 // @ID peers_handleQrCodeGet
 // @Tags Peer
 // @Summary Get peer configuration as qr code.
+// @Produce png
 // @Produce json
 // @Param id path string true "The peer identifier"
-// @Success 200 {object} string
+// @Success 200 {file} binary
 // @Failure 400 {object} model.Error
 // @Failure 500 {object} model.Error
 // @Router /peer/config-qr/{id} [get]
@@ -403,7 +413,8 @@ func (e peerEndpoint) handleEmailPost() gin.HandlerFunc {
 		}
 		err = e.app.SendPeerEmail(ctx, req.LinkOnly, peerIds...)
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -434,7 +445,8 @@ func (e peerEndpoint) handleStatsGet() gin.HandlerFunc {
 
 		stats, err := e.app.GetPeerStats(ctx, domain.InterfaceIdentifier(interfaceId))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 

internal/app/api/v0/handlers/endpoint_users.go

@@ -1,11 +1,12 @@
 package handlers
 
 import (
+	"net/http"
+
 	"github.com/gin-gonic/gin"
 	"github.com/h44z/wg-portal/internal/app"
 	"github.com/h44z/wg-portal/internal/app/api/v0/model"
 	"github.com/h44z/wg-portal/internal/domain"
-	"net/http"
 )
 
 type userEndpoint struct {
@@ -27,6 +28,8 @@ func (e userEndpoint) RegisterRoutes(g *gin.RouterGroup, authenticator *authenti
 	apiGroup.POST("/new", e.authenticator.LoggedIn(ScopeAdmin), e.handleCreatePost())
 	apiGroup.GET("/:id/peers", e.authenticator.UserIdMatch("id"), e.handlePeersGet())
 	apiGroup.GET("/:id/stats", e.authenticator.UserIdMatch("id"), e.handleStatsGet())
+	apiGroup.POST("/:id/api/enable", e.authenticator.UserIdMatch("id"), e.handleApiEnablePost())
+	apiGroup.POST("/:id/api/disable", e.authenticator.UserIdMatch("id"), e.handleApiDisablePost())
 }
 
 // handleAllGet returns a gorm handler function.
@@ -44,7 +47,8 @@ func (e userEndpoint) handleAllGet() gin.HandlerFunc {
 
 		users, err := e.app.GetAllUsers(ctx)
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -74,11 +78,12 @@ func (e userEndpoint) handleSingleGet() gin.HandlerFunc {
 
 		user, err := e.app.GetUser(ctx, domain.UserIdentifier(id))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
-		c.JSON(http.StatusOK, model.NewUser(user))
+		c.JSON(http.StatusOK, model.NewUser(user, true))
 	}
 }
 
@@ -118,11 +123,12 @@ func (e userEndpoint) handleUpdatePut() gin.HandlerFunc {
 
 		updateUser, err := e.app.UpdateUser(ctx, model.NewDomainUser(&user))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
-		c.JSON(http.StatusOK, model.NewUser(updateUser))
+		c.JSON(http.StatusOK, model.NewUser(updateUser, false))
 	}
 }
 
@@ -150,11 +156,12 @@ func (e userEndpoint) handleCreatePost() gin.HandlerFunc {
 
 		newUser, err := e.app.CreateUser(ctx, model.NewDomainUser(&user))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
-		c.JSON(http.StatusOK, model.NewUser(newUser))
+		c.JSON(http.StatusOK, model.NewUser(newUser, false))
 	}
 }
 
@@ -174,13 +181,15 @@ func (e userEndpoint) handlePeersGet() gin.HandlerFunc {
 
 		interfaceId := Base64UrlDecode(c.Param("id"))
 		if interfaceId == "" {
-			c.JSON(http.StatusBadRequest, model.Error{Code: http.StatusInternalServerError, Message: "missing id parameter"})
+			c.JSON(http.StatusBadRequest,
+				model.Error{Code: http.StatusInternalServerError, Message: "missing id parameter"})
 			return
 		}
 
 		peers, err := e.app.GetUserPeers(ctx, domain.UserIdentifier(interfaceId))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -204,13 +213,15 @@ func (e userEndpoint) handleStatsGet() gin.HandlerFunc {
 
 		userId := Base64UrlDecode(c.Param("id"))
 		if userId == "" {
-			c.JSON(http.StatusBadRequest, model.Error{Code: http.StatusInternalServerError, Message: "missing id parameter"})
+			c.JSON(http.StatusBadRequest,
+				model.Error{Code: http.StatusInternalServerError, Message: "missing id parameter"})
 			return
 		}
 
 		stats, err := e.app.GetUserPeerStats(ctx, domain.UserIdentifier(userId))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
@@ -241,10 +252,75 @@ func (e userEndpoint) handleDelete() gin.HandlerFunc {
 
 		err := e.app.DeleteUser(ctx, domain.UserIdentifier(id))
 		if err != nil {
-			c.JSON(http.StatusInternalServerError, model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
 			return
 		}
 
 		c.Status(http.StatusNoContent)
 	}
 }
+
+// handleApiEnablePost returns a gorm handler function.
+//
+// @ID users_handleApiEnablePost
+// @Tags Users
+// @Summary Enable the REST API for the given user.
+// @Produce json
+// @Success 200 {object} model.User
+// @Failure 400 {object} model.Error
+// @Failure 500 {object} model.Error
+// @Router /user/{id}/api/enable [post]
+func (e userEndpoint) handleApiEnablePost() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		ctx := domain.SetUserInfoFromGin(c)
+
+		userId := Base64UrlDecode(c.Param("id"))
+		if userId == "" {
+			c.JSON(http.StatusBadRequest,
+				model.Error{Code: http.StatusInternalServerError, Message: "missing id parameter"})
+			return
+		}
+
+		user, err := e.app.ActivateApi(ctx, domain.UserIdentifier(userId))
+		if err != nil {
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			return
+		}
+
+		c.JSON(http.StatusOK, model.NewUser(user, true))
+	}
+}
+
+// handleApiDisablePost returns a gorm handler function.
+//
+// @ID users_handleApiDisablePost
+// @Tags Users
+// @Summary Disable the REST API for the given user.
+// @Produce json
+// @Success 200 {object} model.User
+// @Failure 400 {object} model.Error
+// @Failure 500 {object} model.Error
+// @Router /user/{id}/api/disable [post]
+func (e userEndpoint) handleApiDisablePost() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		ctx := domain.SetUserInfoFromGin(c)
+
+		userId := Base64UrlDecode(c.Param("id"))
+		if userId == "" {
+			c.JSON(http.StatusBadRequest,
+				model.Error{Code: http.StatusInternalServerError, Message: "missing id parameter"})
+			return
+		}
+
+		user, err := e.app.DeactivateApi(ctx, domain.UserIdentifier(userId))
+		if err != nil {
+			c.JSON(http.StatusInternalServerError,
+				model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
+			return
+		}
+
+		c.JSON(http.StatusOK, model.NewUser(user, false))
+	}
+}