From 3432829c915cced950dda0506b3c897e95ad5c11 Mon Sep 17 00:00:00 2001 From: Igor Scheller Date: Sat, 23 Dec 2023 21:59:48 +0100 Subject: [PATCH] API: Document x-api-key header auth --- resources/api/openapi.yml | 13 +++++++++---- src/Controllers/Api/IndexController.php | 2 +- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/resources/api/openapi.yml b/resources/api/openapi.yml index ae9f8fab..5669114e 100644 --- a/resources/api/openapi.yml +++ b/resources/api/openapi.yml @@ -36,12 +36,20 @@ tags: - name: user description: User information +security: + - bearer-auth: [ ] + - api-key-header: [ ] + components: securitySchemes: - bearerAuth: + bearer-auth: type: http scheme: bearer bearerFormat: API key from settings + api-key-header: + type: apiKey + name: x-api-key + in: header responses: UnauthorizedError: # 401 @@ -421,9 +429,6 @@ components: - event - teardown -security: - - bearerAuth: [ ] - paths: /angeltypes: get: diff --git a/src/Controllers/Api/IndexController.php b/src/Controllers/Api/IndexController.php index 54753bf8..0a2fc1da 100644 --- a/src/Controllers/Api/IndexController.php +++ b/src/Controllers/Api/IndexController.php @@ -87,7 +87,7 @@ class IndexController extends ApiController return $this->response ->setStatusCode(200) ->withHeader('allow', 'OPTIONS, HEAD, GET') - ->withHeader('access-control-allow-headers', 'Authorization'); + ->withHeader('access-control-allow-headers', 'Authorization, x-api-key'); } public function notFound(): Response