docs/authentication.rst: added content

docs/: added page stubs
added boilerplate for sphinx
2023-05-18 20:29:56 -04:00 · 2023-05-17 21:26:52 -04:00 · 2023-05-17 20:56:29 -04:00
11 changed files with 276 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -5,3 +5,4 @@ __pycache__/
 config.yml
 instance/
 .coverage
+docs/_build
--- a/docs/Makefile
+++ b/docs/Makefile
@ -0,0 +1,20 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line, and also
+# from the environment for the first two.
+SPHINXOPTS    ?=
+SPHINXBUILD   ?= sphinx-build
+SOURCEDIR     = .
+BUILDDIR      = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
--- a/docs/admin.rst
+++ b/docs/admin.rst
@ -0,0 +1,2 @@
+Admin API
+=========
--- a/docs/authentication.rst
+++ b/docs/authentication.rst
@ -0,0 +1,89 @@
+Authentication
+==============
+
+Authentication is done via the ``Authorization`` HTTP header using a JSON Web Token (JWT).
+As a client, there is no need to understand or parse JWTs; they can be considered as strings.
+
+Signing in
+----------
+Signing in is done via ``POST /users/login``.
+
+Use the following request body:
+    
+.. code-block:: json
+
+    {
+        "username": "your_username_here",
+        "password": "your_password_here"
+    }
+
+The server will respond like this:
+
+.. code-block:: json
+
+    {
+        "auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODUwNTgwNDcsImlhdCI6MTY4NDQ1MzI0Nywic3ViIjoidXNlciIsImp0aSI6bnVsbH0.nfJ06gLClROeS5rKg90pqaVikcr_-y00VbCTE3yK3fk",
+        "message": "Logged in.",
+        "status": "success",
+        "username": "user"
+    }
+
+Save the token in ``auth_token``.
+
+.. _authentication_usage:
+
+Using the token
+---------------
+
+On any request that requires authentication, send this token via the ``Authorization`` HTTP header.
+Use the following format:
+
+.. code-block:: http
+
+    GET /users/user HTTP/1.1
+    Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODUwNTg0MzMsImlhdCI6MTY4NDQ1MzYzMywic3ViIjoidXNlciIsImp0aSI6bnVsbH0.PBs_YWpIkorTghzTBDHVd3oKer9Vo_YNsgu-yIkG1Cg
+
+Do note that based on server settings, some endpoints may allow access without authenticating.
+
+Renewal
+-------
+By default, the tokens issued by the server expire after 7 days.
+Getting a new token by the end of that period via the normal login API is cumbersome,
+as it requires having the user's password.
+
+To solve this problem, Sachet has a renewal API that takes your API token and renews it for you.
+
+Make a ``POST /users/extend`` request with the authentication described in :ref:`authentication_usage`.
+The server will respond like this:
+
+.. code-block:: json
+
+    {
+        "auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODUwNTk1MDUsImlhdCI6MTY4NDQ1NDcwNSwic3ViIjoidXNlciIsImp0aSI6InJlbmV3In0.cf4T6U0IJL-ePvYC28QOYHODPi_vkDlaSjA1AdAGDUo",
+        "message": "Renewed token.",
+        "status": "success",
+        "username": "user"
+    }
+
+You can now use the new token in ``auth_token`` for future authentication.
+This does not revoke your old token.
+See :ref:`authentication_log_out` for information on revoking tokens.
+
+.. note::
+   Remember to use the ``POST`` HTTP method and not ``GET``.
+   If you use ``GET`` by accident, the server will assume you're trying to read the information of a user called 'extend'.
+   This will result in a "not authorized" error.
+
+.. _authentication_log_out:
+
+Signing out
+-----------
+To revoke a token before expiry, request ``POST /users/logout``.
+Use the following request body:
+
+.. code-block:: json
+
+    {
+        "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODUwNTk3NjIsImlhdCI6MTY4NDQ1NDk2Miwic3ViIjoidXNlciIsImp0aSI6InJlbmV3In0.ZITIK8L5FzLtm-ASwIf6TkTb69z4bsZ8FF0mWee4YI4"
+    }
+
--- a/docs/conf.py
+++ b/docs/conf.py
@ -0,0 +1,27 @@
+# Configuration file for the Sphinx documentation builder.
+#
+# For the full list of built-in configuration values, see the documentation:
+# https://www.sphinx-doc.org/en/master/usage/configuration.html
+
+# -- Project information -----------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information
+
+project = 'sachet-server'
+copyright = '2023, dogeystamp'
+author = 'dogeystamp'
+
+# -- General configuration ---------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration
+
+extensions = ["sphinx_rtd_theme"]
+
+templates_path = ['_templates']
+exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
+
+
+
+# -- Options for HTML output -------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output
+
+html_theme = 'sphinx_rtd_theme'
+html_static_path = ['_static']
--- a/docs/files.rst
+++ b/docs/files.rst
@ -0,0 +1,2 @@
+Files API
+=========
--- a/docs/index.rst
+++ b/docs/index.rst
@ -0,0 +1,76 @@
+.. Sachet documentation master file, created by
+   sphinx-quickstart on Wed May 17 20:46:47 2023.
+   You can adapt this file completely to your liking, but it should at least
+   contain the root `toctree` directive.
+
+Welcome to Sachet's documentation!
+==================================
+
+.. toctree::
+   :maxdepth: 2
+   :caption: Contents:
+
+   authentication
+   permissions
+   user
+   admin
+   files
+
+Sachet is a small file-sharing server.
+
+development
+-----------
+
+To start sachet in dev mode:
+
+Clone the repo::
+
+    git clone https://github.com/dogeystamp/sachet
+    cd sachet
+
+Create a venv with required dependencies::
+
+    python -m venv venv
+    source venv/bin/activate
+    python -m pip3 install -r requirements.txt
+
+Create a configuration file (and set the secret key!)::
+
+    cp config.yml.example config.yml
+    vim config.yml
+
+Start Flask in development mode::
+
+    flask --debug --app sachet.server run
+
+tests
+^^^^^
+
+Run tests with pytest::
+
+    pytest --cov --cov-report term-missing
+
+linting
+^^^^^^^
+
+Please use the linter before submitting code::
+
+    black .
+
+database maintenance
+--------------------
+
+To clean up the database (remove stale entries)::
+
+    flask --app sachet.server cleanup
+
+Otherwise, to upgrade the database after a schema change::
+
+    flask --app sachet.server db upgrade
+
+Indices and tables
+==================
+
+* :ref:`genindex`
+* :ref:`modindex`
+* :ref:`search`
--- a/docs/make.bat
+++ b/docs/make.bat
@ -0,0 +1,35 @@
+@ECHO OFF
+
+pushd %~dp0
+
+REM Command file for Sphinx documentation
+
+if "%SPHINXBUILD%" == "" (
+	set SPHINXBUILD=sphinx-build
+)
+set SOURCEDIR=.
+set BUILDDIR=_build
+
+%SPHINXBUILD% >NUL 2>NUL
+if errorlevel 9009 (
+	echo.
+	echo.The 'sphinx-build' command was not found. Make sure you have Sphinx
+	echo.installed, then set the SPHINXBUILD environment variable to point
+	echo.to the full path of the 'sphinx-build' executable. Alternatively you
+	echo.may add the Sphinx directory to PATH.
+	echo.
+	echo.If you don't have Sphinx installed, grab it from
+	echo.https://www.sphinx-doc.org/
+	exit /b 1
+)
+
+if "%1" == "" goto help
+
+%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O%
+goto end
+
+:help
+%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O%
+
+:end
+popd
--- a/docs/permissions.rst
+++ b/docs/permissions.rst
@ -0,0 +1,2 @@
+Permissions
+===========
--- a/docs/user.rst
+++ b/docs/user.rst
@ -0,0 +1,2 @@
+User API
+========
--- a/requirements.txt
+++ b/requirements.txt
@ -1,10 +1,15 @@
+alabaster==0.7.13
 alembic==1.10.4
 attrs==22.2.0
+Babel==2.12.1
 bcrypt==4.0.1
 bitmask @ git+https://github.com/dogeystamp/bitmask@e3726f069c24f1db6ecb2e3d3143c9c930c83fa5
 black==23.3.0
+certifi==2023.5.7
+charset-normalizer==3.1.0
 click==8.1.3
 coverage==7.2.1
+docutils==0.18.1
 exceptiongroup==1.1.0
 Flask==2.2.3
 Flask-Bcrypt==1.0.1
@ -15,6 +20,8 @@ Flask-Script==2.0.6
 Flask-SQLAlchemy==3.0.3
 Flask-Testing==0.8.1
 greenlet==2.0.2
+idna==3.4
+imagesize==1.4.1
 iniconfig==2.0.0
 itsdangerous==2.1.2
 Jinja2==3.1.2
@ -27,14 +34,27 @@ packaging==23.0
 pathspec==0.11.1
 platformdirs==3.2.0
 pluggy==1.0.0
+Pygments==2.15.1
 PyJWT==2.6.0
 pytest==7.2.2
 pytest-cov==4.0.0
 pytest-env==0.8.1
 PyYAML==6.0
+requests==2.30.0
 six==1.16.0
+snowballstemmer==2.2.0
+Sphinx==6.2.1
+sphinx-rtd-theme==1.2.0
+sphinxcontrib-applehelp==1.0.4
+sphinxcontrib-devhelp==1.0.2
+sphinxcontrib-htmlhelp==2.0.1
+sphinxcontrib-jquery==4.1
+sphinxcontrib-jsmath==1.0.1
+sphinxcontrib-qthelp==1.0.3
+sphinxcontrib-serializinghtml==1.1.5
 SQLAlchemy==2.0.5.post1
 SQLAlchemy-Utils==0.40.0
 tomli==2.0.1
 typing_extensions==4.5.0
+urllib3==2.0.2
 Werkzeug==2.2.3
Author	SHA1	Message	Date
dogeystamp	71683662ea	docs/authentication.rst: added content	2023-05-18 20:29:56 -04:00
dogeystamp	9a0c84d5ae	docs/: added page stubs	2023-05-17 21:26:52 -04:00
dogeystamp	c7ba8ea813	added boilerplate for sphinx	2023-05-17 20:56:29 -04:00