Merge branch 'dockerbuild' of https://github.com/Abbhiishek/keyshade …

…into dockerbuild

.env.example

@@ -5,6 +5,8 @@ GITHUB_CLIENT_ID=
 GITHUB_CLIENT_SECRET= 
 GITHUB_CALLBACK_URL=
 
+API_PORT= 
+
 GOOGLE_CLIENT_ID=
 GOOGLE_CLIENT_SECRET=
 GOOGLE_CALLBACK_URL=

.github/CODEOWNERS

@@ -0,0 +1,5 @@
+# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
+
+apps/web @kriptonian1
+apps/workspace @kriptonian1
+apps/api @rajdip-b

.github/workflows/stage-api.yml

@@ -2,7 +2,7 @@ on:
   push:
     branches:
       - develop
-    paths: ['apps/api/**', '.github/workflows/stage-api.yml']
+    paths: ['apps/api/**', '.github/workflows/stage-api.yml', 'fly.api.toml']
 
 env:
   SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}

.github/workflows/stage-web.yml

@@ -2,7 +2,7 @@ on:
   push:
     branches:
       - develop
-    paths: ['apps/web/**', '.github/workflows/stage-web.yml']
+    paths: ['apps/web/**', '.github/workflows/stage-web.yml', 'fly.web.toml']
 
 jobs:
   deploy-stage:

apps/api/Dockerfile

@@ -27,6 +27,6 @@ RUN pnpm db:generate-types
 RUN pnpm build:api
 RUN pnpm sourcemaps:api
 
-EXPOSE 4200
+EXPOSE ${API_PORT:-4200}
 
 ENTRYPOINT ["node", "apps/api/dist/main.js"]

apps/api/src/api-key/api-key.e2e.spec.ts

@@ -261,7 +261,7 @@ describe('Api Key Role Controller Tests', () => {
       }
     })
 
-    expect(response.statusCode).toBe(200)
+    expect(response.statusCode).toBe(204)
   })
 
   afterAll(async () => {

apps/api/src/api-key/controller/api-key.controller.ts

@@ -3,6 +3,7 @@ import {
   Controller,
   Delete,
   Get,
+  HttpCode,
   Param,
   Post,
   Put,
@@ -14,19 +15,81 @@ import { CreateApiKey } from '../dto/create.api-key/create.api-key'
 import { UpdateApiKey } from '../dto/update.api-key/update.api-key'
 import { Authority, User } from '@prisma/client'
 import { RequiredApiKeyAuthorities } from '../../decorators/required-api-key-authorities.decorator'
+import {
+  ApiBearerAuth,
+  ApiCreatedResponse,
+  ApiForbiddenResponse,
+  ApiNoContentResponse,
+  ApiOkResponse,
+  ApiOperation,
+  ApiParam,
+  ApiQuery,
+  ApiSecurity,
+  ApiTags
+} from '@nestjs/swagger'
+import { invalidAuthenticationResponse } from '../../common/static'
+
+const baseProperties = {
+  id: { type: 'string' },
+  name: { type: 'string' },
+  expiresAt: { type: 'string' },
+  authorities: { type: 'array', items: { type: 'string' } },
+  createdAt: { type: 'string' },
+  updatedAt: { type: 'string' }
+}
+
+const apiKeySchemaWithValue = {
+  type: 'object',
+  properties: {
+    ...baseProperties,
+    value: { type: 'string' }
+  }
+}
+
+const apiKeySchema = {
+  type: 'object',
+  properties: baseProperties
+}
 
 @Controller('api-key')
+@ApiBearerAuth()
+@ApiSecurity('api_key')
+@ApiTags('API Key Controller')
 export class ApiKeyController {
   constructor(private readonly apiKeyService: ApiKeyService) {}
 
   @Post()
   @RequiredApiKeyAuthorities(Authority.CREATE_API_KEY)
+  @ApiOperation({
+    summary: 'Create API key',
+    description: 'This endpoint creates a new API key'
+  })
+  @ApiCreatedResponse({
+    schema: apiKeySchemaWithValue,
+    description: 'API key created successfully'
+  })
+  @ApiForbiddenResponse(invalidAuthenticationResponse)
   async createApiKey(@CurrentUser() user: User, @Body() dto: CreateApiKey) {
     return this.apiKeyService.createApiKey(user, dto)
   }
 
   @Put(':id')
   @RequiredApiKeyAuthorities(Authority.UPDATE_API_KEY)
+  @ApiOperation({
+    summary: 'Update API key',
+    description: 'This endpoint updates an existing API key'
+  })
+  @ApiParam({
+    name: 'id',
+    description: 'API key ID',
+    required: true,
+    schema: { type: 'string' }
+  })
+  @ApiOkResponse({
+    schema: apiKeySchema,
+    description: 'API key updated successfully'
+  })
+  @ApiForbiddenResponse(invalidAuthenticationResponse)
   async updateApiKey(
     @CurrentUser() user: User,
     @Body() dto: UpdateApiKey,
@@ -37,21 +100,103 @@ export class ApiKeyController {
 
   @Delete(':id')
   @RequiredApiKeyAuthorities(Authority.DELETE_API_KEY)
+  @HttpCode(204)
+  @ApiOperation({
+    summary: 'Delete API key',
+    description: 'This endpoint deletes an existing API key'
+  })
+  @ApiParam({
+    name: 'id',
+    description: 'API key ID',
+    required: true,
+    schema: { type: 'string' }
+  })
+  @ApiNoContentResponse({
+    description: 'API key deleted successfully'
+  })
+  @ApiForbiddenResponse(invalidAuthenticationResponse)
   async deleteApiKey(@CurrentUser() user: User, @Param('id') id: string) {
     return this.apiKeyService.deleteApiKey(user, id)
   }
 
   @Get(':id')
   @RequiredApiKeyAuthorities(Authority.READ_API_KEY)
+  @ApiOperation({
+    summary: 'Get API key',
+    description: 'This endpoint returns the details of an API key'
+  })
+  @ApiParam({
+    name: 'id',
+    description: 'API key ID',
+    required: true,
+    schema: { type: 'string' }
+  })
+  @ApiOkResponse({
+    schema: apiKeySchemaWithValue,
+    description: 'API key details'
+  })
+  @ApiForbiddenResponse(invalidAuthenticationResponse)
   async getApiKey(@CurrentUser() user: User, @Param('id') id: string) {
     return this.apiKeyService.getApiKeyById(user, id)
   }
 
   @Get('all')
   @RequiredApiKeyAuthorities(Authority.READ_API_KEY)
+  @ApiOperation({
+    summary: 'Get all API keys',
+    description: 'This endpoint returns all API keys of the user'
+  })
+  @ApiQuery({
+    name: 'page',
+    description: 'Page number',
+    required: false,
+    type: Number,
+    example: 1,
+    allowEmptyValue: false
+  })
+  @ApiQuery({
+    name: 'limit',
+    description: 'Number of items per page',
+    required: false,
+    type: Number,
+    example: 10,
+    allowEmptyValue: false
+  })
+  @ApiQuery({
+    name: 'sort',
+    description: 'Sort by field',
+    required: false,
+    type: String,
+    example: 'name',
+    allowEmptyValue: false
+  })
+  @ApiQuery({
+    name: 'order',
+    description: 'Sort order',
+    required: false,
+    type: String,
+    example: 'asc',
+    allowEmptyValue: false
+  })
+  @ApiQuery({
+    name: 'search',
+    description: 'Search by name',
+    required: false,
+    type: String,
+    example: 'My API Key',
+    allowEmptyValue: false
+  })
+  @ApiOkResponse({
+    schema: {
+      type: 'array',
+      items: apiKeySchema
+    },
+    description: 'API keys'
+  })
+  @ApiForbiddenResponse(invalidAuthenticationResponse)
   async getApiKeysOfUser(
     @CurrentUser() user: User,
-    @Query('page') page: number = 1,
+    @Query('page') page: number = 0,
     @Query('limit') limit: number = 10,
     @Query('sort') sort: string = 'name',
     @Query('order') order: string = 'asc',

apps/api/src/api-key/dto/create.api-key/create.api-key.ts

@@ -1,15 +1,39 @@
+import { ApiProperty } from '@nestjs/swagger'
 import { ApiKey, Authority } from '@prisma/client'
 import { IsArray, IsOptional, IsString } from 'class-validator'
 
 export class CreateApiKey {
   @IsString()
+  @ApiProperty({
+    name: 'name',
+    description: 'Name of the API key',
+    required: true,
+    type: String,
+    example: 'My API Key'
+  })
   name: ApiKey['name']
 
   @IsString()
   @IsOptional()
+  @ApiProperty({
+    name: 'expiresAfter',
+    description: 'API key expiration time in hours',
+    required: false,
+    type: String,
+    example: '24',
+    default: 'never'
+  })
   expiresAfter?: '24' | '168' | '720' | '8760' | 'never' = 'never'
 
   @IsArray()
   @IsOptional()
+  @ApiProperty({
+    name: 'authorities',
+    description: 'API key authorities',
+    required: false,
+    type: [String],
+    example: ['READ_SELF', 'UPDATE_SELF'],
+    default: []
+  })
   authorities?: Authority[] = []
 }

apps/api/src/api-key/service/api-key.service.ts

@@ -131,7 +131,7 @@ export class ApiKeyService {
           contains: search
         }
       },
-      skip: (page - 1) * limit,
+      skip: page * limit,
       take: limit,
       orderBy: {
         [sort]: order

apps/api/src/auth/controller/auth.controller.ts

@@ -13,7 +13,13 @@ import {
 import { AuthService } from '../service/auth.service'
 import { UserAuthenticatedResponse } from '../auth.types'
 import { Public } from '../../decorators/public.decorator'
-import { ApiOperation, ApiParam, ApiResponse, ApiTags } from '@nestjs/swagger'
+import {
+  ApiOperation,
+  ApiParam,
+  ApiQuery,
+  ApiResponse,
+  ApiTags
+} from '@nestjs/swagger'
 import { AuthGuard } from '@nestjs/passport'
 import { GithubOAuthStrategyFactory } from '../../config/factory/github/github-strategy.factory'
 import { GoogleOAuthStrategyFactory } from '../../config/factory/google/google-strategy.factory'
@@ -62,12 +68,12 @@ export class AuthController {
     description:
       'This endpoint validates OTPs. If the OTP is valid, it returns a valid token along with the user details'
   })
-  @ApiParam({
+  @ApiQuery({
     name: 'email',
     description: 'Email to send OTP',
     required: true
   })
-  @ApiParam({
+  @ApiQuery({
     name: 'otp',
     description: 'OTP to validate',
     required: true

apps/api/src/common/static.ts

@@ -0,0 +1,3 @@
+export const invalidAuthenticationResponse = {
+  description: 'Invalid authentication header or API key'
+}

apps/api/src/main.ts

@@ -92,11 +92,17 @@ async function initializeNestApp() {
     }),
     new QueryTransformPipe()
   )
-  const port = 4200
+  const port = process.env.API_PORT || 4200
   const swaggerConfig = new DocumentBuilder()
     .setTitle('keyshade')
     .setDescription('The keyshade API description')
     .setVersion('1.0')
+    .addBearerAuth({ type: 'http', scheme: 'bearer', bearerFormat: 'JWT' })
+    .addSecurity('api_key', {
+      type: 'apiKey',
+      in: 'header',
+      name: 'x-keyshade-token'
+    })
     .build()
   const document = SwaggerModule.createDocument(app, swaggerConfig)
   SwaggerModule.setup('docs', app, document)