API: Document x-api-key header auth

2023-12-23 21:59:48 +01:00 · 2023-12-23 21:59:48 +01:00 · 3432829c91
parent 6e4c9b2405
commit 3432829c91
2 changed files with 10 additions and 5 deletions
--- a/resources/api/openapi.yml
+++ b/resources/api/openapi.yml
@ -36,12 +36,20 @@ tags:
  - name: user
    description: User information

+security:
+  - bearer-auth: [ ]
+  - api-key-header: [ ]
+
 components:
  securitySchemes:
-    bearerAuth:
+    bearer-auth:
      type: http
      scheme: bearer
      bearerFormat: API key from settings
+    api-key-header:
+      type: apiKey
+      name: x-api-key
+      in: header

  responses:
    UnauthorizedError: # 401
@ -421,9 +429,6 @@ components:
        - event
        - teardown

-security:
-  - bearerAuth: [ ]
-
 paths:
  /angeltypes:
    get:
--- a/src/Controllers/Api/IndexController.php
+++ b/src/Controllers/Api/IndexController.php
@ -87,7 +87,7 @@ class IndexController extends ApiController
        return $this->response
            ->setStatusCode(200)
            ->withHeader('allow', 'OPTIONS, HEAD, GET')
-            ->withHeader('access-control-allow-headers', 'Authorization');
+            ->withHeader('access-control-allow-headers', 'Authorization, x-api-key');
    }

    public function notFound(): Response