Files
SproutGate/sproutgate-backend/docs/swagger.yaml
2026-05-13 12:19:36 +08:00

1429 lines
34 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
basePath: /
definitions:
handlers.CreateInviteRequest:
properties:
expiresAt:
type: string
maxUses:
type: integer
note:
type: string
type: object
handlers.CreateUserRequest:
properties:
account:
type: string
avatarUrl:
type: string
bio:
type: string
email:
type: string
level:
type: integer
password:
type: string
phone:
type: string
secondaryEmails:
items:
type: string
type: array
sproutCoins:
type: integer
username:
type: string
websiteUrl:
type: string
type: object
handlers.ForgotPasswordRequest:
properties:
account:
type: string
email:
type: string
type: object
handlers.LoginRequest:
properties:
account:
type: string
clientId:
type: string
clientName:
type: string
password:
type: string
turnstileToken:
type: string
type: object
handlers.OAuthBindURLRequest:
properties:
returnTo:
type: string
type: object
handlers.PutAdminOAuthRequest:
properties:
allowOAuthSignUpWhenInviteRequired:
type: boolean
allowedReturnPrefixes:
items:
type: string
type: array
giteaBaseUrl:
type: string
giteaClientId:
type: string
giteaClientSecret:
type: string
giteaEnabled:
type: boolean
giteaLogoUrl:
type: string
githubClientId:
type: string
githubClientSecret:
type: string
githubEnabled:
type: boolean
githubLogoUrl:
type: string
googleClientId:
type: string
googleClientSecret:
type: string
googleEnabled:
type: boolean
googleLogoUrl:
type: string
linuxdoClientId:
type: string
linuxdoClientSecret:
type: string
linuxdoConnectBaseUrl:
type: string
linuxdoEnabled:
type: boolean
linuxdoLogoUrl:
type: string
microsoftClientId:
type: string
microsoftClientSecret:
type: string
microsoftEnabled:
type: boolean
microsoftLogoUrl:
type: string
microsoftTenant:
type: string
type: object
handlers.PutAdminTurnstileRequest:
properties:
enabled:
type: boolean
secretKey:
type: string
siteKey:
type: string
type: object
handlers.RegisterRequest:
properties:
account:
type: string
email:
type: string
inviteCode:
type: string
password:
type: string
turnstileToken:
type: string
username:
type: string
type: object
handlers.ResetPasswordRequest:
properties:
account:
type: string
code:
type: string
newPassword:
type: string
type: object
handlers.SecondaryEmailRequest:
properties:
email:
type: string
type: object
handlers.UpdateCheckInConfigRequest:
properties:
rewardCoins:
type: integer
type: object
handlers.UpdateProfileRequest:
properties:
avatarUrl:
type: string
bio:
type: string
password:
type: string
phone:
type: string
username:
type: string
websiteUrl:
type: string
type: object
handlers.UpdateRegistrationPolicyRequest:
properties:
forbiddenAccounts:
type: string
inviteRegisterRewardCoins:
description: nil 表示不修改此项
type: integer
requireInviteCode:
type: boolean
type: object
handlers.UpdateUserRequest:
properties:
avatarUrl:
type: string
banReason:
type: string
banned:
type: boolean
bio:
type: string
email:
type: string
level:
type: integer
password:
type: string
phone:
type: string
secondaryEmails:
items:
type: string
type: array
sproutCoins:
type: integer
username:
type: string
websiteUrl:
type: string
type: object
handlers.VerifyEmailRequest:
properties:
account:
type: string
code:
type: string
type: object
handlers.VerifyRequest:
properties:
token:
type: string
type: object
handlers.VerifySecondaryEmailRequest:
properties:
code:
type: string
email:
type: string
type: object
host: localhost:8080
info:
contact: {}
description: 统一认证、用户资料、每日签到、公开用户主页与管理端等 JSON HTTP 接口。
title: 萌芽账户认证中心 API
version: 0.1.0
paths:
/:
get:
description: 与 GET /api 相同,返回名称、版本与路由前缀说明。
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
summary: API 简介 JSON
tags:
- meta
/api:
get:
description: 与 GET / 相同。
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
summary: API 简介 JSON
tags:
- meta
/api/admin/check-in/config:
get:
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 签到奖励配置(管理端也可用)
tags:
- admin
put:
consumes:
- application/json
parameters:
- description: rewardCoins
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.UpdateCheckInConfigRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 更新签到奖励
tags:
- admin
/api/admin/oauth:
get:
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: OAuth 配置(脱敏)
tags:
- admin
put:
consumes:
- application/json
parameters:
- description: 配置
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.PutAdminOAuthRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 更新 OAuth 配置
tags:
- admin
/api/admin/registration:
get:
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 注册策略与邀请码列表
tags:
- admin
put:
consumes:
- application/json
parameters:
- description: 策略
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.UpdateRegistrationPolicyRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 更新注册策略
tags:
- admin
/api/admin/registration/invites:
post:
consumes:
- application/json
parameters:
- description: 邀请配置
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.CreateInviteRequest'
produces:
- application/json
responses:
"201":
description: Created
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 创建邀请码
tags:
- admin
/api/admin/registration/invites/{code}:
delete:
parameters:
- description: 邀请码
in: path
name: code
required: true
type: string
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"404":
description: Not Found
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 删除邀请码
tags:
- admin
/api/admin/turnstile:
get:
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: Turnstile 配置(脱敏)
tags:
- admin
put:
consumes:
- application/json
parameters:
- description: siteKey、secretKey
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.PutAdminTurnstileRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 更新 Turnstile 配置
tags:
- admin
/api/admin/users:
get:
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 用户列表
tags:
- admin
post:
consumes:
- application/json
parameters:
- description: 用户
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.CreateUserRequest'
produces:
- application/json
responses:
"201":
description: Created
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 创建用户
tags:
- admin
/api/admin/users/{account}:
delete:
parameters:
- description: 账号
in: path
name: account
required: true
type: string
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 删除用户
tags:
- admin
put:
consumes:
- application/json
parameters:
- description: 账号
in: path
name: account
required: true
type: string
- description: 可部分更新
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.UpdateUserRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"404":
description: Not Found
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- AdminToken: []
summary: 更新用户
tags:
- admin
/api/auth/check-in:
post:
consumes:
- application/json
produces:
- application/json
responses:
"200":
description: checkedIn、user、checkIn 等
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- BearerAuth: []
summary: 每日签到
tags:
- auth
/api/auth/forgot-password:
post:
consumes:
- application/json
parameters:
- description: 账号与邮箱
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.ForgotPasswordRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
summary: 忘记密码(发重置邮件)
tags:
- auth
/api/auth/login:
post:
consumes:
- application/json
description: 可选 Turnstile开启时 body 需带 turnstileToken。
parameters:
- description: 登录请求
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.LoginRequest'
produces:
- application/json
responses:
"200":
description: token、expiresAt、user
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
summary: 账号密码登录
tags:
- auth
/api/auth/me:
get:
consumes:
- application/json
description: '需要 Authorization: Bearer。可选头X-Visit-Ip、X-Visit-Location、X-Auth-Client、X-Auth-Client-Name。'
parameters:
- description: 访客 IP
in: header
name: X-Visit-Ip
type: string
- description: 访客地区展示文案
in: header
name: X-Visit-Location
type: string
- description: 接入应用 ID
in: header
name: X-Auth-Client
type: string
- description: 接入应用名称
in: header
name: X-Auth-Client-Name
type: string
produces:
- application/json
responses:
"200":
description: user、checkIn
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- BearerAuth: []
summary: 当前用户(含签到摘要)
tags:
- auth
/api/auth/oauth/{provider}:
delete:
consumes:
- application/json
parameters:
- description: github|gitea|google|microsoft|linuxdo
in: path
name: provider
required: true
type: string
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- BearerAuth: []
summary: 解绑 OAuth 提供商
tags:
- oauth
/api/auth/oauth/{provider}/bind:
post:
consumes:
- application/json
parameters:
- description: github|gitea|google|microsoft|linuxdo
in: path
name: provider
required: true
type: string
- description: returnTo
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.OAuthBindURLRequest'
produces:
- application/json
responses:
"200":
description: url
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
"503":
description: Service Unavailable
schema:
additionalProperties: true
type: object
security:
- BearerAuth: []
summary: 已登录用户绑定 OAuth返回授权 URL
tags:
- oauth
/api/auth/oauth/{provider}/callback:
get:
description: 成功时通常 302 回 return_to 并带 token失败时 JSON 或重定向错误页。
parameters:
- description: 提供商
in: path
name: provider
required: true
type: string
- description: 授权码
in: query
name: code
type: string
- description: state
in: query
name: state
type: string
- description: IdP 错误码
in: query
name: error
type: string
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"302":
description: 重定向至客户端
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"404":
description: Not Found
schema:
additionalProperties: true
type: object
summary: OAuth 回调IdP 重定向)
tags:
- oauth
/api/auth/oauth/{provider}/start:
get:
parameters:
- description: github|gitea|google|microsoft|linuxdo
in: path
name: provider
required: true
type: string
- description: 登录完成回跳 URL须符合后台允许前缀
in: query
name: return_to
required: true
type: string
- description: Turnstile 开启时必填
in: query
name: turnstile_token
type: string
produces:
- application/json
responses:
"302":
description: 重定向至 IdP
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"404":
description: Not Found
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
"503":
description: Service Unavailable
schema:
additionalProperties: true
type: object
summary: OAuth 登录起点(重定向 IdP
tags:
- oauth
/api/auth/profile:
put:
consumes:
- application/json
parameters:
- description: 资料字段
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.UpdateProfileRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- BearerAuth: []
summary: 更新个人资料(可选改密码)
tags:
- auth
/api/auth/register:
post:
consumes:
- application/json
parameters:
- description: 注册请求
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.RegisterRequest'
produces:
- application/json
responses:
"200":
description: sent、expiresAt
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
summary: 自助注册(发验证邮件)
tags:
- auth
/api/auth/reset-password:
post:
consumes:
- application/json
parameters:
- description: 账号、验证码、新密码
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.ResetPasswordRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
summary: 重置密码
tags:
- auth
/api/auth/secondary-email/request:
post:
consumes:
- application/json
parameters:
- description: 邮箱
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.SecondaryEmailRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- BearerAuth: []
summary: 请求验证辅助邮箱(发邮件)
tags:
- auth
/api/auth/secondary-email/verify:
post:
consumes:
- application/json
parameters:
- description: 邮箱与验证码
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.VerifySecondaryEmailRequest'
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- BearerAuth: []
summary: 验证并绑定辅助邮箱
tags:
- auth
/api/auth/verify:
post:
consumes:
- application/json
description: 校验 token 是否有效;可在请求头带 X-Auth-Client / X-Auth-Client-Name 记录接入应用。
parameters:
- description: token
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.VerifyRequest'
produces:
- application/json
responses:
"200":
description: valid、user
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
summary: 校验 JWT
tags:
- auth
/api/auth/verify-email:
post:
consumes:
- application/json
parameters:
- description: 账号与验证码
in: body
name: body
required: true
schema:
$ref: '#/definitions/handlers.VerifyEmailRequest'
produces:
- application/json
responses:
"201":
description: created、user
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
summary: 邮箱验证并完成注册
tags:
- auth
/api/health:
get:
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
summary: 健康检查
tags:
- meta
/api/public/registration-policy:
get:
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
summary: 公开注册策略与 OAuth/Turnstile 开关
tags:
- public
/api/public/users:
get:
produces:
- application/json
responses:
"200":
description: total、users
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
summary: 公开用户目录
tags:
- public
/api/public/users/{account}:
get:
description: 可选 Authorization登录用户可看到点赞状态等扩展字段。
parameters:
- description: 账号
in: path
name: account
required: true
type: string
- description: Bearer可选
in: header
name: Authorization
type: string
produces:
- application/json
responses:
"200":
description: user、profileLikeCount 等
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"404":
description: Not Found
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
summary: 公开用户主页
tags:
- public
/api/public/users/{account}/like:
post:
consumes:
- application/json
parameters:
- description: 被点赞用户账号
in: path
name: account
required: true
type: string
produces:
- application/json
responses:
"200":
description: OK
schema:
additionalProperties: true
type: object
"400":
description: Bad Request
schema:
additionalProperties: true
type: object
"401":
description: Unauthorized
schema:
additionalProperties: true
type: object
"404":
description: Not Found
schema:
additionalProperties: true
type: object
"500":
description: Internal Server Error
schema:
additionalProperties: true
type: object
security:
- BearerAuth: []
summary: 主页点赞
tags:
- public
schemes:
- http
- https
securityDefinitions:
AdminToken:
description: 管理端令牌;也可使用 Query `token` 或与部分客户端相同的 `Authorization` 头(见实现)。
in: header
name: X-Admin-Token
type: apiKey
BearerAuth:
description: JWTAuthorization 头填写「Bearer 」+ token示例Bearer eyJ...)。
in: header
name: Authorization
type: apiKey
swagger: "2.0"