Skip to content

Commit 5fb627c

Browse files
authored
Merge pull request #15 from shortmesh/staging
Staging
2 parents e38d403 + 8400bde commit 5fb627c

79 files changed

Lines changed: 30373 additions & 609 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

Makefile

Lines changed: 0 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -43,18 +43,6 @@ format:
4343
@echo "Running go fmt..."
4444
@go fmt ./... || echo "WARNING: go fmt encountered issues (continuing...)"
4545
@echo ""
46-
@echo "Running prettier on HTML, CSS, JS..."
47-
@if command -v npx >/dev/null 2>&1; then \
48-
echo "Formatting HTML files..."; \
49-
find ./internal/admin/web -name "*.html" -type f -exec npx prettier --write {} \; 2>/dev/null || echo "WARNING: prettier HTML formatting encountered issues (continuing...)"; \
50-
echo "Formatting CSS files..."; \
51-
find ./internal/admin/web -name "*.css" -type f -exec npx prettier --write {} \; 2>/dev/null || echo "WARNING: prettier CSS formatting encountered issues (continuing...)"; \
52-
echo "Formatting JS files..."; \
53-
find ./internal/admin/web -name "*.js" -type f -exec npx prettier --write {} \; 2>/dev/null || echo "WARNING: prettier JS formatting encountered issues (continuing...)"; \
54-
else \
55-
echo "WARNING: npx not found. Install Node.js to use prettier"; \
56-
fi
57-
@echo ""
5846
@echo "Running swag fmt..."
5947
@which swag > /dev/null && swag fmt 2>/dev/null || echo "WARNING: swag fmt encountered issues (continuing...)"
6048
@echo ""

cmd/api/main.go

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,11 @@ import (
2929

3030
// @securityDefinitions.basic BasicAuth
3131

32+
// @securityDefinitions.apikey CookieAuth
33+
// @in cookie
34+
// @name shortmesh_admin_token
35+
// @description Admin session cookie authentication
36+
3237
func gracefulShutdown(apiServer *http.Server, w *worker.Worker, cw *cleanup.CleanupWorker, ww *webhookworker.WebhookWorker, done chan bool) {
3338
ctx, stop := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
3439
defer stop()
@@ -64,6 +69,11 @@ func gracefulShutdown(apiServer *http.Server, w *worker.Worker, cw *cleanup.Clea
6469
func main() {
6570
db := database.New()
6671

72+
if err := database.InitializeSuperAdminCredentials(db.DB()); err != nil {
73+
logger.Error(fmt.Sprintf("Credential initialization failed: %v", err))
74+
os.Exit(1)
75+
}
76+
6777
var w *worker.Worker
6878
if worker.IsEnabled() {
6979
w = worker.New()

docs/USAGE.md

Lines changed: 120 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,8 @@ See [SECURITY.md](./SECURITY.md) for production configuration.
1717

1818
## Authentication
1919

20-
- **Token Creation** - Basic Auth with `CLIENT_ID:CLIENT_SECRET`
21-
- **Device Operations** - Bearer Auth with Matrix token (`mt_xxxxx`)
20+
- **Token/Credential Management** - Basic Auth with `CLIENT_ID:CLIENT_SECRET`
21+
- **Device/Webhook Operations** - Bearer Auth with Matrix token (`mt_xxxxx`)
2222

2323
## Token Management
2424

@@ -127,6 +127,8 @@ curl -X GET http://localhost:8080/api/v1/devices \
127127

128128
### Send Message
129129

130+
#### Text Only (JSON)
131+
130132
```bash
131133
curl -X POST http://localhost:8080/api/v1/devices/237123456789/message \
132134
-H "Authorization: Bearer $TOKEN" \
@@ -138,6 +140,19 @@ curl -X POST http://localhost:8080/api/v1/devices/237123456789/message \
138140
}'
139141
```
140142

143+
#### Text + File (Multipart)
144+
145+
```bash
146+
curl -X POST http://localhost:8080/api/v1/devices/237123456789/message \
147+
-H "Authorization: Bearer $TOKEN" \
148+
-F "contact=1234567890" \
149+
-F "platform=wa" \
150+
-F "text=Check out this document" \
151+
-F "file=@/path/to/document.pdf"
152+
```
153+
154+
File must have an extension.
155+
141156
### Delete Device
142157

143158
```bash
@@ -150,6 +165,109 @@ curl -X DELETE http://localhost:8080/api/v1/devices \
150165
}'
151166
```
152167

168+
## Webhooks
169+
170+
Receive incoming message notifications via HTTP POST.
171+
172+
### Add Webhook
173+
174+
```bash
175+
curl -X POST http://localhost:8080/api/v1/webhooks \
176+
-H "Authorization: Bearer $TOKEN" \
177+
-H "Content-Type: application/json" \
178+
-d '{"url": "https://your-server.com/webhook"}'
179+
```
180+
181+
**Response:**
182+
183+
```json
184+
{
185+
"id": 1,
186+
"url": "https://your-server.com/webhook",
187+
"active": true,
188+
"created_at": "2026-04-27T10:00:00Z",
189+
"updated_at": "2026-04-27T10:00:00Z"
190+
}
191+
```
192+
193+
### List Webhooks
194+
195+
```bash
196+
curl -X GET http://localhost:8080/api/v1/webhooks \
197+
-H "Authorization: Bearer $TOKEN"
198+
```
199+
200+
### Update Webhook
201+
202+
```bash
203+
curl -X PUT http://localhost:8080/api/v1/webhooks/1 \
204+
-H "Authorization: Bearer $TOKEN" \
205+
-H "Content-Type: application/json" \
206+
-d '{"url": "https://new-url.com/webhook", "active": false}'
207+
```
208+
209+
Fields are optional. Omit to keep current value.
210+
211+
### Delete Webhook
212+
213+
```bash
214+
curl -X DELETE http://localhost:8080/api/v1/webhooks/1 \
215+
-H "Authorization: Bearer $TOKEN"
216+
```
217+
218+
## Credentials (Admin Only)
219+
220+
Manage API client credentials. Requires Basic Auth with admin credentials.
221+
222+
### Create Credential
223+
224+
```bash
225+
curl -X POST http://localhost:8080/api/v1/credentials \
226+
-u "$CLIENT_ID:$CLIENT_SECRET" \
227+
-H "Content-Type: application/json" \
228+
-d '{
229+
"client_id": "my-app",
230+
"description": "Production API client"
231+
}'
232+
```
233+
234+
**Response:**
235+
236+
```json
237+
{
238+
"message": "Credential created successfully",
239+
"credential": {
240+
"client_id": "my-app",
241+
"role": "user",
242+
"scopes": [],
243+
"description": "Production API client",
244+
"active": true,
245+
"created_at": "2026-04-27T10:00:00Z",
246+
"updated_at": "2026-04-27T10:00:00Z"
247+
},
248+
"client_secret": "xxxxxxxxxxxx"
249+
}
250+
```
251+
252+
> [!IMPORTANT]
253+
> Save `client_secret` immediately. It's only shown once.
254+
255+
### List Credentials
256+
257+
```bash
258+
curl -X GET http://localhost:8080/api/v1/credentials \
259+
-u "$CLIENT_ID:$CLIENT_SECRET"
260+
```
261+
262+
### Delete Credential
263+
264+
```bash
265+
curl -X DELETE http://localhost:8080/api/v1/credentials/my-app \
266+
-u "$CLIENT_ID:$CLIENT_SECRET"
267+
```
268+
269+
Cannot delete super admin credentials.
270+
153271
## API Reference
154272

155273
Swagger UI: **<http://localhost:8080/docs/index.html>**

0 commit comments

Comments
 (0)