m-o-e/app.cr Secret

## app.cr
#
# Quick Lux Demo with Auth
#
Lux::OpenApi.add_security_scheme "basic_auth",
                                  Lux::OpenApi::SecurityScheme::Http.new(scheme: "basic", description: "Auth plz")

module BasicAuth
  macro included
    ERR_NO_AUTH = AccessDenied.new(title: "Invalid request", detail: "Missing Authorization header")
    ERR_BAD_AUTH = AccessDenied.new(title: "Invalid credentials", detail: "Wrong username/password")

    response 401, AccessDenied, Default::Error, description: "Authorization Error"
    example AccessDenied, "Missing Authorization header" { ERR_NO_AUTH }
    example AccessDenied, "Invalid credentials" { ERR_BAD_AUTH }

    before do |ctx|
      return ERR_NO_AUTH unless ctx.request.headers.has_key? "Authorization"
      return ERR_BAD_AUTH unless Base64.decode_string(ctx.request.headers["Authorization"].split(" ")[1]) == "marty:mcfly"
    end
    security [{ "basic_auth" => ["write"] }]
  end
end

Lux.get "/pets/{id}" do
  summary "Get a pet"
  description "A pet, or companion animal, is an animal kept primarily for a person's company or entertainment rather than as a working animal, livestock, or a laboratory animal."
  tags "Pet Shop"

  path_param id, Int32, minimum: 0, example: "321"

  response 200, Success, Default::Success, { data: { id: Int32, name: String } }, description: "Here's your pet!"
  example Success, "Pet found" { Success.new(data: { id: 123, name: "Snorlax" }) }

  handle do
    Success.new(data: { id: p_id, name: UUID.random.to_s } )
  end
end

Lux.put "/pets" do
  include BasicAuth

  summary "Put a pet"
  description "Putting a pet requires authentication. We can't just let anyone put our pets!"
  tags "Pet Shop"

  body_param id, Int32, minimum: 0, maximum: 42, example: "8"
  body_param name, String, maxlength: 32, pattern: { id: "no_f_words", regex: /^((?!F).)*$/ }, example: "Snorlax"

  response 200, Success, Default::Success, { data: { id: Int32, name: String } }, description: "Your pet was stored!"
  example Success, "Look, we stored it!" { Success.new(data: { id: 8, name: "Snorlax" } ) }

  handle do
    Success.new(data: { id: b_id, name: b_name } )
  end
end

Lux.get "/" do
  summary "API Documentation"
  description "Combined endpoint. Returns Swagger HTML or OpenAPI JSON depending on client-provided `Accept`-header."
  tags "Documentation"

  response 200, ApiDocs, Swagger, description: "Swagger HTML or OpenAPI JSON"
  example ApiDocs, "Auto generated documentation" { ApiDocs.new(title: "API Docs") }

  handle do
    ApiDocs.new(title: "API Docs")
  end
end

unless ENV["ENV"]? == "test"
  Lux.trap
  Lux.listen(handlers: [HTTP::CompressHandler.new])
  Lux.wait
end
	#
	# Quick Lux Demo with Auth
	#
	Lux::OpenApi.add_security_scheme "basic_auth",
	Lux::OpenApi::SecurityScheme::Http.new(scheme: "basic", description: "Auth plz")

	module BasicAuth
	macro included
	ERR_NO_AUTH = AccessDenied.new(title: "Invalid request", detail: "Missing Authorization header")
	ERR_BAD_AUTH = AccessDenied.new(title: "Invalid credentials", detail: "Wrong username/password")

	response 401, AccessDenied, Default::Error, description: "Authorization Error"
	example AccessDenied, "Missing Authorization header" { ERR_NO_AUTH }
	example AccessDenied, "Invalid credentials" { ERR_BAD_AUTH }

	before do \|ctx\|
	return ERR_NO_AUTH unless ctx.request.headers.has_key? "Authorization"
	return ERR_BAD_AUTH unless Base64.decode_string(ctx.request.headers["Authorization"].split(" ")[1]) == "marty:mcfly"
	end
	security [{ "basic_auth" => ["write"] }]
	end
	end

	Lux.get "/pets/{id}" do
	summary "Get a pet"
	description "A pet, or companion animal, is an animal kept primarily for a person's company or entertainment rather than as a working animal, livestock, or a laboratory animal."
	tags "Pet Shop"

	path_param id, Int32, minimum: 0, example: "321"

	response 200, Success, Default::Success, { data: { id: Int32, name: String } }, description: "Here's your pet!"
	example Success, "Pet found" { Success.new(data: { id: 123, name: "Snorlax" }) }

	handle do
	Success.new(data: { id: p_id, name: UUID.random.to_s } )
	end
	end

	Lux.put "/pets" do
	include BasicAuth

	summary "Put a pet"
	description "Putting a pet requires authentication. We can't just let anyone put our pets!"
	tags "Pet Shop"

	body_param id, Int32, minimum: 0, maximum: 42, example: "8"
	body_param name, String, maxlength: 32, pattern: { id: "no_f_words", regex: /^((?!F).)*$/ }, example: "Snorlax"

	response 200, Success, Default::Success, { data: { id: Int32, name: String } }, description: "Your pet was stored!"
	example Success, "Look, we stored it!" { Success.new(data: { id: 8, name: "Snorlax" } ) }

	handle do
	Success.new(data: { id: b_id, name: b_name } )
	end
	end

	Lux.get "/" do
	summary "API Documentation"
	description "Combined endpoint. Returns Swagger HTML or OpenAPI JSON depending on client-provided `Accept`-header."
	tags "Documentation"

	response 200, ApiDocs, Swagger, description: "Swagger HTML or OpenAPI JSON"
	example ApiDocs, "Auto generated documentation" { ApiDocs.new(title: "API Docs") }

	handle do
	ApiDocs.new(title: "API Docs")
	end
	end

	unless ENV["ENV"]? == "test"
	Lux.trap
	Lux.listen(handlers: [HTTP::CompressHandler.new])
	Lux.wait
	end