fix: simplify whitelist entries and update logs API
- Change whitelist response format to use single `entry` field instead of `ip` + `reason` - Update auth endpoint to return 204 No Content instead of 200 with body - Add 405 Method Not Allowed response for auth endpoint - Fix operationId for permanent whitelist endpoint (was `listTempWhitelist`) - Add query parameters for logs endpoint: action, ip, limit, offset - Update documentation in docs/api.md and openapi.yaml
This commit is contained in:
56
openapi.yaml
56
openapi.yaml
@@ -20,7 +20,7 @@ paths:
|
||||
summary: Auth check (NGINX auth_request)
|
||||
description: |
|
||||
The NGINX auth_request endpoint. Do NOT call this directly.
|
||||
Returns 200 if the client IP is whitelisted, 401 otherwise.
|
||||
Returns 204 if the client IP is whitelisted, 401 otherwise.
|
||||
Only checks permanent and temporary IP whitelists.
|
||||
operationId: checkAuth
|
||||
parameters:
|
||||
@@ -31,13 +31,8 @@ paths:
|
||||
type: string
|
||||
description: Client IP set by NGINX
|
||||
responses:
|
||||
'200':
|
||||
description: OK
|
||||
content:
|
||||
text/plain:
|
||||
schema:
|
||||
type: string
|
||||
example: "ok"
|
||||
'204':
|
||||
description: No Content — IP is whitelisted
|
||||
'401':
|
||||
description: Unauthorized — IP not whitelisted
|
||||
|
||||
@@ -98,8 +93,8 @@ paths:
|
||||
description: Unauthorized — invalid API token
|
||||
'500':
|
||||
description: Internal error — database failure
|
||||
|
||||
/api/whitelist/temp/list:
|
||||
'405':
|
||||
description: Method not allowed — only POST is supported
|
||||
get:
|
||||
summary: List temporary whitelisted IPs
|
||||
description: List all currently active temporary whitelisted IPs.
|
||||
@@ -190,7 +185,7 @@ paths:
|
||||
get:
|
||||
summary: List permanent whitelisted IPs
|
||||
description: List all currently active permanent whitelisted IPs.
|
||||
operationId: listTempWhitelist
|
||||
operationId: listPermWhitelist
|
||||
responses:
|
||||
'200':
|
||||
description: List of permanent whitelisted IPs
|
||||
@@ -201,12 +196,9 @@ paths:
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
ip:
|
||||
entry:
|
||||
type: string
|
||||
example: "1.2.3.4"
|
||||
reason:
|
||||
type: string
|
||||
example: "my laptop"
|
||||
example: "203.0.113.10"
|
||||
'401':
|
||||
description: Unauthorized — invalid API token
|
||||
'500':
|
||||
@@ -238,10 +230,40 @@ paths:
|
||||
get:
|
||||
summary: Retrieve audit log entries
|
||||
description: |
|
||||
Retrieve the last 200 audit log entries.
|
||||
Retrieve the last 200 audit log entries (up to 1000 with `limit`).
|
||||
Each entry records a whitelist operation with its timestamp, action, affected IP,
|
||||
and the IP of the API client that performed the action.
|
||||
operationId: getLogs
|
||||
parameters:
|
||||
- name: action
|
||||
in: query
|
||||
required: false
|
||||
schema:
|
||||
type: string
|
||||
description: Filter by action type (add_temp, delete_temp, add_perm, delete_perm, expire_temp)
|
||||
- name: ip
|
||||
in: query
|
||||
required: false
|
||||
schema:
|
||||
type: string
|
||||
description: Filter by IP address
|
||||
- name: limit
|
||||
in: query
|
||||
required: false
|
||||
schema:
|
||||
type: integer
|
||||
minimum: 1
|
||||
maximum: 1000
|
||||
default: 200
|
||||
description: Number of entries to return (default 200, max 1000)
|
||||
- name: offset
|
||||
in: query
|
||||
required: false
|
||||
schema:
|
||||
type: integer
|
||||
minimum: 0
|
||||
default: 0
|
||||
description: Number of entries to skip (default 0)
|
||||
responses:
|
||||
'200':
|
||||
description: List of audit log entries
|
||||
|
||||
Reference in New Issue
Block a user