nathan/smt
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases 2 Wiki Activity

update readme
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Nathan Coad
2024-01-05 14:07:16 +11:00
parent d45e61f59e
commit aba655cd3b
2 changed files with 16 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
README.md
View File

@@ -78,6 +78,18 @@ WantedBy=multi-user.target
``` ```
## API ## API
### Login
POST `/api/login`
Data
```
{
"username": "example_username",
"password": "example_password"
}
```
This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of `access_token`, and must be supplied via a HTTP header in the form `"Authorization: Bearer <JWT_TOKEN>"` for all subsequent API calls.
### Unlock ### Unlock
POST `/api/admin/unlock` POST `/api/admin/unlock`
@@ -120,17 +132,11 @@ Data
This operation can only be performed by a user with a role that is admin enabled. Removes user account corresponding to specified userName. This operation can only be performed by a user with a role that is admin enabled. Removes user account corresponding to specified userName.
#### Login
POST `/api/login`
Data #### List Users
``` GET `/api/admin/users`
{
"username": "example_username", This operation can only be performed by a user with a role that is admin enabled. Lists currently defined users.
"password": "example_password"
}
```
This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of `access_token`, and must be supplied via a HTTP header in the form `"Authorization: Bearer <JWT_TOKEN>"` for all subsequent API calls.
### Role Operations ### Role Operations
@@ -158,11 +164,6 @@ Users allocated to this role will only be able to access secrets that are part o
Ldap group must be specified via the full distinguishedName. The simplest way to get this information is to run the command `dsquery group -name <known group name>` from a windows machine. Ldap group must be specified via the full distinguishedName. The simplest way to get this information is to run the command `dsquery group -name <known group name>` from a windows machine.
#### List Users
GET `/api/admin/users`
This operation can only be performed by a user with a role that is admin enabled. Lists currently defined users.
### Secrets Operations ### Secrets Operations
#### Store #### Store

11
main.go
View File

@@ -175,13 +175,6 @@ func main() {
// Recovery middleware recovers from any panics and writes a 500 if there was one. // Recovery middleware recovers from any panics and writes a 500 if there was one.
router.Use(gin.Recovery()) router.Use(gin.Recovery())
/*
// TODO - think of a better default landing page
router.GET("/", func(c *gin.Context) {
c.String(http.StatusOK, fmt.Sprintf("SMT Built on %s from sha1 %s\n", buildTime, sha1ver))
})
*/
// Set some options for TLS // Set some options for TLS
tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS12,
@@ -238,10 +231,6 @@ func main() {
TLSConfig: tlsConfig, TLSConfig: tlsConfig,
} }
// Set the default readme page
//router.Use(EmbedReact("/", "static_files", staticDir))
//router.Use(static.Serve("/", static.LocalFile("./static_files", true)))
// Serve the embedded HTML file if no other routes match // Serve the embedded HTML file if no other routes match
router.NoRoute(staticFileServer(staticContent)) router.NoRoute(staticFileServer(staticContent))