-
Notifications
You must be signed in to change notification settings - Fork 192
/
main.rs
311 lines (280 loc) · 9.27 KB
/
main.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
use std::net::{Ipv4Addr, SocketAddr};
use std::io::Error;
use tokio::net::TcpListener;
use utoipa::{
openapi::security::{ApiKey, ApiKeyValue, SecurityScheme},
Modify, OpenApi,
};
use utoipa_axum::router::OpenApiRouter;
use utoipa_rapidoc::RapiDoc;
use utoipa_redoc::{Redoc, Servable};
use utoipa_scalar::{Scalar, Servable as ScalarServable};
use utoipa_swagger_ui::SwaggerUi;
const TODO_TAG: &str = "todo";
#[tokio::main]
async fn main() -> Result<(), Error> {
#[derive(OpenApi)]
#[openapi(
modifiers(&SecurityAddon),
tags(
(name = TODO_TAG, description = "Todo items management API")
)
)]
struct ApiDoc;
struct SecurityAddon;
impl Modify for SecurityAddon {
fn modify(&self, openapi: &mut utoipa::openapi::OpenApi) {
if let Some(components) = openapi.components.as_mut() {
components.add_security_scheme(
"api_key",
SecurityScheme::ApiKey(ApiKey::Header(ApiKeyValue::new("todo_apikey"))),
)
}
}
}
let (router, api) = OpenApiRouter::with_openapi(ApiDoc::openapi())
.nest("/api/v1/todos", todo::router())
.split_for_parts();
let router = router
.merge(SwaggerUi::new("/swagger-ui").url("/api-docs/openapi.json", api.clone()))
.merge(Redoc::with_url("/redoc", api.clone()))
// There is no need to create `RapiDoc::with_openapi` because the OpenApi is served
// via SwaggerUi instead we only make rapidoc to point to the existing doc.
.merge(RapiDoc::new("/api-docs/openapi.json").path("/rapidoc"))
// Alternative to above
// .merge(RapiDoc::with_openapi("/api-docs/openapi2.json", api).path("/rapidoc"))
.merge(Scalar::with_url("/scalar", api));
let address = SocketAddr::from((Ipv4Addr::UNSPECIFIED, 8080));
let listener = TcpListener::bind(&address).await?;
axum::serve(listener, router.into_make_service()).await
}
mod todo {
use std::sync::Arc;
use axum::{
extract::{Path, Query, State},
response::IntoResponse,
Json,
};
use hyper::{HeaderMap, StatusCode};
use serde::{Deserialize, Serialize};
use tokio::sync::Mutex;
use utoipa::{IntoParams, ToSchema};
use utoipa_axum::{router::OpenApiRouter, routes};
use crate::TODO_TAG;
/// In-memory todo store
type Store = Mutex<Vec<Todo>>;
/// Item to do.
#[derive(Serialize, Deserialize, ToSchema, Clone)]
struct Todo {
id: i32,
#[schema(example = "Buy groceries")]
value: String,
done: bool,
}
/// Todo operation errors
#[derive(Serialize, Deserialize, ToSchema)]
enum TodoError {
/// Todo already exists conflict.
#[schema(example = "Todo already exists")]
Conflict(String),
/// Todo not found by id.
#[schema(example = "id = 1")]
NotFound(String),
/// Todo operation unauthorized
#[schema(example = "missing api key")]
Unauthorized(String),
}
pub(super) fn router() -> OpenApiRouter {
let store = Arc::new(Store::default());
OpenApiRouter::new()
.routes(routes!(list_todos, create_todo))
.routes(routes!(search_todos))
.routes(routes!(mark_done, delete_todo))
.with_state(store)
}
/// List all Todo items
///
/// List all Todo items from in-memory storage.
#[utoipa::path(
get,
path = "",
tag = TODO_TAG,
responses(
(status = 200, description = "List all todos successfully", body = [Todo])
)
)]
async fn list_todos(State(store): State<Arc<Store>>) -> Json<Vec<Todo>> {
let todos = store.lock().await.clone();
Json(todos)
}
/// Todo search query
#[derive(Deserialize, IntoParams)]
struct TodoSearchQuery {
/// Search by value. Search is incase sensitive.
value: String,
/// Search by `done` status.
done: bool,
}
/// Search Todos by query params.
///
/// Search `Todo`s by query params and return matching `Todo`s.
#[utoipa::path(
get,
path = "/search",
tag = TODO_TAG,
params(
TodoSearchQuery
),
responses(
(status = 200, description = "List matching todos by query", body = [Todo])
)
)]
async fn search_todos(
State(store): State<Arc<Store>>,
query: Query<TodoSearchQuery>,
) -> Json<Vec<Todo>> {
Json(
store
.lock()
.await
.iter()
.filter(|todo| {
todo.value.to_lowercase() == query.value.to_lowercase()
&& todo.done == query.done
})
.cloned()
.collect(),
)
}
/// Create new Todo
///
/// Tries to create a new Todo item to in-memory storage or fails with 409 conflict if already exists.
#[utoipa::path(
post,
path = "",
tag = TODO_TAG,
responses(
(status = 201, description = "Todo item created successfully", body = Todo),
(status = 409, description = "Todo already exists", body = TodoError)
)
)]
async fn create_todo(
State(store): State<Arc<Store>>,
Json(todo): Json<Todo>,
) -> impl IntoResponse {
let mut todos = store.lock().await;
todos
.iter_mut()
.find(|existing_todo| existing_todo.id == todo.id)
.map(|found| {
(
StatusCode::CONFLICT,
Json(TodoError::Conflict(format!(
"todo already exists: {}",
found.id
))),
)
.into_response()
})
.unwrap_or_else(|| {
todos.push(todo.clone());
(StatusCode::CREATED, Json(todo)).into_response()
})
}
/// Mark Todo item done by id
///
/// Mark Todo item done by given id. Return only status 200 on success or 404 if Todo is not found.
#[utoipa::path(
put,
path = "/{id}",
tag = TODO_TAG,
responses(
(status = 200, description = "Todo marked done successfully"),
(status = 404, description = "Todo not found")
),
params(
("id" = i32, Path, description = "Todo database id")
),
security(
(), // <-- make optional authentication
("api_key" = [])
)
)]
async fn mark_done(
Path(id): Path<i32>,
State(store): State<Arc<Store>>,
headers: HeaderMap,
) -> StatusCode {
match check_api_key(false, headers) {
Ok(_) => (),
Err(_) => return StatusCode::UNAUTHORIZED,
}
let mut todos = store.lock().await;
todos
.iter_mut()
.find(|todo| todo.id == id)
.map(|todo| {
todo.done = true;
StatusCode::OK
})
.unwrap_or(StatusCode::NOT_FOUND)
}
/// Delete Todo item by id
///
/// Delete Todo item from in-memory storage by id. Returns either 200 success of 404 with TodoError if Todo is not found.
#[utoipa::path(
delete,
path = "/{id}",
tag = TODO_TAG,
responses(
(status = 200, description = "Todo marked done successfully"),
(status = 401, description = "Unauthorized to delete Todo", body = TodoError, example = json!(TodoError::Unauthorized(String::from("missing api key")))),
(status = 404, description = "Todo not found", body = TodoError, example = json!(TodoError::NotFound(String::from("id = 1"))))
),
params(
("id" = i32, Path, description = "Todo database id")
),
security(
("api_key" = [])
)
)]
async fn delete_todo(
Path(id): Path<i32>,
State(store): State<Arc<Store>>,
headers: HeaderMap,
) -> impl IntoResponse {
match check_api_key(true, headers) {
Ok(_) => (),
Err(error) => return error.into_response(),
}
let mut todos = store.lock().await;
let len = todos.len();
todos.retain(|todo| todo.id != id);
if todos.len() != len {
StatusCode::OK.into_response()
} else {
(
StatusCode::NOT_FOUND,
Json(TodoError::NotFound(format!("id = {id}"))),
)
.into_response()
}
}
// normally you should create a middleware for this but this is sufficient for sake of example.
fn check_api_key(
require_api_key: bool,
headers: HeaderMap,
) -> Result<(), (StatusCode, Json<TodoError>)> {
match headers.get("todo_apikey") {
Some(header) if header != "utoipa-rocks" => Err((
StatusCode::UNAUTHORIZED,
Json(TodoError::Unauthorized(String::from("incorrect api key"))),
)),
None if require_api_key => Err((
StatusCode::UNAUTHORIZED,
Json(TodoError::Unauthorized(String::from("missing api key"))),
)),
_ => Ok(()),
}
}
}