API - CRUD for peers, interfaces and users (#340)

Public REST API implementation to handle peers, interfaces and users. It also includes some simple provisioning endpoints. The Swagger API documentation is available under /api/v1/doc.html
2025-09-14 06:51:15 +00:00 · 2025-01-11 18:44:55 +01:00
parent ad267ed0a8
commit d596f578f6
53 changed files with 11028 additions and 274 deletions
--- a/internal/app/api/v0/model/models.go
+++ b/internal/app/api/v0/model/models.go
@@ -9,4 +9,5 @@ type Settings struct {
 	MailLinkOnly              bool `json:"MailLinkOnly"`
 	PersistentConfigSupported bool `json:"PersistentConfigSupported"`
 	SelfProvisioning          bool `json:"SelfProvisioning"`
+	ApiAdminOnly              bool `json:"ApiAdminOnly"`
 }
--- a/internal/app/api/v0/model/models_user.go
+++ b/internal/app/api/v0/model/models_user.go
@@ -25,37 +25,50 @@ type User struct {
 	Locked         bool   `json:"Locked"`         // if this field is set, the user is locked
 	LockedReason   string `json:"LockedReason"`   // the reason why the user has been locked

+	ApiToken        string     `json:"ApiToken"`
+	ApiTokenCreated *time.Time `json:"ApiTokenCreated,omitempty"`
+	ApiEnabled      bool       `json:"ApiEnabled"`
+
 	// Calculated

 	PeerCount int `json:"PeerCount"`
 }

-func NewUser(src *domain.User) *User {
-	return &User{
-		Identifier:     string(src.Identifier),
-		Email:          src.Email,
-		Source:         string(src.Source),
-		ProviderName:   src.ProviderName,
-		IsAdmin:        src.IsAdmin,
-		Firstname:      src.Firstname,
-		Lastname:       src.Lastname,
-		Phone:          src.Phone,
-		Department:     src.Department,
-		Notes:          src.Notes,
-		Password:       "", // never fill password
-		Disabled:       src.IsDisabled(),
-		DisabledReason: src.DisabledReason,
-		Locked:         src.IsLocked(),
-		LockedReason:   src.LockedReason,
+func NewUser(src *domain.User, exposeCreds bool) *User {
+	u := &User{
+		Identifier:      string(src.Identifier),
+		Email:           src.Email,
+		Source:          string(src.Source),
+		ProviderName:    src.ProviderName,
+		IsAdmin:         src.IsAdmin,
+		Firstname:       src.Firstname,
+		Lastname:        src.Lastname,
+		Phone:           src.Phone,
+		Department:      src.Department,
+		Notes:           src.Notes,
+		Password:        "", // never fill password
+		Disabled:        src.IsDisabled(),
+		DisabledReason:  src.DisabledReason,
+		Locked:          src.IsLocked(),
+		LockedReason:    src.LockedReason,
+		ApiToken:        "", // by default, do not expose API token
+		ApiTokenCreated: src.ApiTokenCreated,
+		ApiEnabled:      src.IsApiEnabled(),

 		PeerCount: src.LinkedPeerCount,
 	}
+
+	if exposeCreds {
+		u.ApiToken = src.ApiToken
+	}
+
+	return u
 }

 func NewUsers(src []domain.User) []User {
 	results := make([]User, len(src))
 	for i := range src {
-		results[i] = *NewUser(&src[i])
+		results[i] = *NewUser(&src[i], false)
 	}

 	return results