Feature: added Swagger UI support with OpenAPI spec 3.0, removing Flask_restx - Issue ##23

simasgrilo · simasgrilo · commit bdda2f4872f2 · 2025-04-30T22:39:28.000-03:00
diff --git a/LogAggregator.py b/LogAggregator.py
@@ -8,16 +8,16 @@
 from pathlib import Path
 from dotenv import load_dotenv
 from flask import Flask
-from flask_restx import Api
 from src.Logger.Logger import Logger
 from src.database import DB as db
 from src.auth import auth_bp, LogJWTManager as jwt
 from src.FileTransferManager.FileUploader import FileUploader
 from src.ConfigManager.ConfigManager import ConfigManager
 from src.FileTransferManager.ElasticConnector import ElasticConnector
 from src.blueprints import LogBlueprint
-from src.blueprints.docs import LogDoc
-from src.blueprints.docs.auth_doc import api as auth_namespace
+from src.docs.py.docs import doc_app
+#from src.blueprints.docs import LogDoc
+#from src.blueprints.docs.auth_doc import api as auth_namespace
 
 
 class LogAggregator:
@@ -54,29 +54,8 @@ def __init__(self,
             self.app.register_blueprint(log_bp,url_prefix='/')
             # register the blueprints for authentication: every authentication related resource needs to be prefixed with /auth
             self.app.register_blueprint(auth_bp,url_prefix='/auth')
-            #Swagger UI setup with RESTX API:
-            authentication = {
-                'basic': {
-                    'type': 'basic',
-                    'scheme': 'basic',
-                    'in': 'header'},
-                'jwt' : {
-                    'type': "oauth2",
-                    'scheme': 'bearer',
-                    'in': "header"
-                }
-            }
-            restx_api = Api(app=self.app, 
-                            version="1.0", 
-                            title="LogAggregator API", 
-                            description="LogAggregator API documentation", 
-                            doc="/docs",
-                            authorizations=authentication)
-            LogDoc(self.__log)
-            log_namespace = LogDoc.get_api()
-            restx_api.add_namespace(log_namespace, path="/log")
-            restx_api.add_namespace(auth_namespace, path="/auth")
-            
+            # Swagger UI implementation in a separate blueprint
+            self.app.register_blueprint(doc_app, url_prefix='/api')
         except FileNotFoundError as exc:
             message = inspect.cleandoc("""Missing config.json file. Please provide a valid file when starting the app. 
                      If this app was started using Docker, please ensure that your Docker run has a -v volume binding that maps the config.json file 
diff --git a/main.py b/main.py
@@ -6,5 +6,4 @@
 
 from LogAggregator import LogAggregator
 
-app = LogAggregator().app
-app.run()
+app = LogAggregator().app
diff --git a/src/auth/Auth.py b/src/auth/Auth.py
@@ -21,7 +21,7 @@ def login():
 
     return AuthService.login()
 
-@auth_bp.post("/user/password")
+@auth_bp.put("/user/password")
 def change_password():
     """
     Endpoint to allow chaning the password of an user. Only users with admin privileges can perform this acction
diff --git a/src/docs/swagger-ui/static/openapi.yaml b/src/docs/swagger-ui/static/openapi.yaml
@@ -0,0 +1,188 @@
+openapi: 3.0.0
+info:
+  version: 1.0.0
+  title: LogAggregator API
+  description: A microservices based approach for log parsing, indexing and analysis.
+security:
+  - bearerHttpAuthentication : []
+
+paths:
+  /auth/login:
+    get:
+      tags:
+        - User
+      description: Logs the user in the system
+      security:
+        - basicHttpAuthentication: []
+
+      responses:
+        '200':
+          description: User logged in successfully
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  message:
+                    type: string
+                  token:
+                    type: object
+                    properties:
+                      access: 
+                        type: string
+                      refresh:
+                        type: string
+                example: { "message": "Logged in", "token": { "access": "a valid access token", "refresh": "Its corresponding token" } }
+        '400':
+          description: "Bad request - invalid username or password"
+          content:
+            application/json:
+              schema:
+                type: string
+  /auth/register:
+    post:
+      tags:
+        - User
+      description: Registers a new user in the system. Requires admin access.
+      security:
+        - bearerHttpAuthentication: []
+      requestBody:
+        content:
+          application/json:
+            schema: 
+              $ref: '#/components/schemas/User'
+
+      responses:
+        '201':
+          description: User created successfully
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  message:
+                    type: string
+                example: { "message": "user created", "username": "wilsonphilips" }
+        '400':
+          description: "Bad request - Invalid parameters in request body"
+          content:
+            application/json:
+              schema:
+                type: object
+                example: { "message": Illegal argument in your request. }
+        '401':
+          description: "Unauthorized - Current user does not have the necessary permissions to create a new user"
+          content:
+            application/json:
+              schema:
+                type: string
+                example: { "message": "missing authorization for requested resource" }
+        '409':
+          description: Conflict - User already exists
+          content:
+            application/json:
+              schema:
+                type: string
+                example: { "message": "User already exists"}
+  /auth/user:
+    delete:
+      tags: 
+        - User
+      description: Deletes a user from the system. requires admin access
+      security:
+        - bearerHttpAuthentication: []
+      requestBody:
+        content:
+          application/json:
+            schema: 
+              type: object
+              properties:
+                username:
+                  type: string
+      responses:
+        '200':
+          description: User deleted successfully
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  message:
+                    type: string
+                example: { "message": "user deleted"}
+        '400':
+          description: "Bad request"
+          content:
+            application/json:
+              schema:
+                type: object
+                example: { "message": Illegal argument in your request. }
+                  
+        '401':
+          description: "Unauthorized - missing authorization for requested resource"
+          content:
+            application/json:
+              schema:
+                type: object
+                example: { "message": Missing authorization for requested resource }
+
+  /log:
+    post:
+      tags:
+        - log
+      security:
+        - bearerHttpAuthentication: []
+      requestBody:
+        description: The logged message is expected to be of type as text/plain
+        content:
+          text/plain:
+            schema:
+              type: string
+              $ref: '#/components/schemas/Log'
+      responses:
+        '200':
+          description: "Log received from <ip_addr> - <ip_addr> is the request's IP address of the application that has sent the message to the LogAggregator"
+          content:
+            application/json:
+              schema:
+                type: object
+                example: {"message" : Log received from 127.0.0.1}
+        '400':
+          description: "Bad request - check your input"
+          content:
+            application/json:
+              schema:
+                type: object
+                example: {"message" : Error upon parsing input payload. Please refer to the documentation to get the correct expected format}
+        '401':
+          description: "Unauthorized - missing authorization for requested resource"
+
+
+components:  
+  securitySchemes:
+    basicHttpAuthentication:
+      description: Basic HTTP Authentication
+      type: http
+      scheme: Basic
+    bearerHttpAuthentication:
+      description: Bearer token using a JWT
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+  schemas:
+    User:
+      type: object
+      required:
+        - username
+        - password
+      properties:
+        username:
+          type: string
+          description: Username to be created
+        password:
+          type: string
+          description: Password of the user 
+    Log:
+      type: string
+      format: date - time - IP (ipv4 or ipv6) - Process ID - Level - method - module - message
+      example: 2025-04-18 01:58:39,762 - 127.0.0.1 - 1223 - INFO - get_dns - server.py - Querying DNS server for address www.gmail.com
diff --git a/src/docs/swagger-ui/templates/index.html b/src/docs/swagger-ui/templates/index.html
@@ -6,8 +6,8 @@
     <title>Swagger UI</title>
     <link rel="stylesheet" type="text/css" href="{{ url_for('docs.static', filename='css/swagger-ui.css') }}" />
     <link rel="stylesheet" type="text/css" href="{{ url_for('docs.static', filename='css/index.css') }}" />
-    <link rel="icon" type="image/png" href="{{ url_for('docs.static', filename='css/favicon-32x32.png') }}" sizes="32x32" />
-    <link rel="icon" type="image/png" href="{{ url_for('docs.static', filename='css/favicon-16x16.png') }}" sizes="16x16" />
+    <link rel="icon" type="image/png" href="{{ url_for('docs.static', filename='png/favicon-32x32.png') }}" sizes="32x32" />
+    <link rel="icon" type="image/png" href="{{ url_for('docs.static', filename='png/favicon-16x16.png') }}" sizes="16x16" />
   </head>
 
   <body>
diff --git a/src/services/auth_service.py b/src/services/auth_service.py
@@ -33,15 +33,15 @@ def register_user():
             data = request.json
             PayloadValidator.validate_payload(data)
             user = User.by_id(data['username'])
-        except ValueError:
+        except (ValueError, KeyError):
             #maybe protecting this against XSS/SQL injection attacks is a good thing...
             return jsonify({
                 "message": "Illegal argument in your request. Please check your input"
-            }), Constants.HTTP_CONFLICT.value
+            }), Constants.HTTP_BAD_REQUEST.value
         if user:
             return jsonify({
                 "message" : "User already exists"
-            }), Constants.HTTP_BAD_REQUEST.value
+            }), Constants.HTTP_CONFLICT.value
         new_user = User(
             username=data['username']
         )
@@ -72,7 +72,7 @@ def login():
                     "refresh": refresh_token
                 }
             }), Constants.HTTP_OK.value
-        except KeyError:
+        except (KeyError, AttributeError):
             return jsonify({
                 "error": "one or more required fields were not provided. Check your input payload"
             }), Constants.HTTP_BAD_REQUEST.value
