[DOP-21268] - add docs

maxim-lixakov · maxim-lixakov · commit 97da26fd4dc5 · 2024-11-11T17:48:23.000+03:00
diff --git a/docs/backend/auth/custom.rst b/docs/backend/auth/custom.rst
@@ -0,0 +1,10 @@
+.. _backend-auth-custom:
+
+Custom Auth provider
+====================
+
+You can implement custom auth provider by inheriting from class below and implementing necessary methods.
+
+.. autoclass:: syncmaster.backend.providers.auth.AuthProvider
+    :members:
+    :member-order: bysource
diff --git a/docs/backend/auth/dummy.rst b/docs/backend/auth/dummy.rst
@@ -0,0 +1,82 @@
+.. _backend-auth-dummy:
+
+Dummy Auth provider
+===================
+
+Description
+-----------
+
+This auth provider allows to sign-in with any username and password, and and then issues an access token.
+
+After successful auth, username is saved to backend database. It is then used for creating audit records for any object change, see ``changed_by`` field.
+
+Interaction schema
+------------------
+
+.. dropdown:: Interaction schema
+
+    .. plantuml::
+
+        @startuml
+            title DummyAuthProvider
+            participant "Client"
+            participant "Backend"
+
+            == POST v1/auth/token ==
+
+            activate "Client"
+            alt Successful case
+                "Client" -> "Backend" ++ : login + password
+                "Backend" --> "Backend" : Password is completely ignored
+                "Backend" --> "Backend" : Check user in internal backend database
+                "Backend" -> "Backend" : Create user if not exist
+                "Backend" -[#green]> "Client" -- : Generate and return access_token
+
+            else User is blocked
+                "Client" -> "Backend" ++ : login + password
+                "Backend" --> "Backend" : Password is completely ignored
+                "Backend" --> "Backend" : Check user in internal backend database
+                "Backend" x-[#red]> "Client" -- : 401 Unauthorized
+
+            else User is deleted
+                "Client" -> "Backend" ++ : login + password
+                "Backend" --> "Backend" : Password is completely ignored
+                "Backend" --> "Backend" : Check user in internal backend database
+                "Backend" x-[#red]> "Client" -- : 404 Not found
+            end
+
+            == GET v1/namespaces ==
+
+            alt Successful case
+                "Client" -> "Backend" ++ : access_token
+                "Backend" --> "Backend" : Validate token
+                "Backend" --> "Backend" : Check user in internal backend database
+                "Backend" -> "Backend" : Get data
+                "Backend" -[#green]> "Client" -- : Return data
+
+            else Token is expired
+                "Client" -> "Backend" ++ : access_token
+                "Backend" --> "Backend" : Validate token
+                "Backend" x-[#red]> "Client" -- : 401 Unauthorized
+
+            else User is blocked
+                "Client" -> "Backend" ++ : access_token
+                "Backend" --> "Backend" : Validate token
+                "Backend" --> "Backend" : Check user in internal backend database
+                "Backend" x-[#red]> "Client" -- : 401 Unauthorized
+
+            else User is deleted
+                "Client" -> "Backend" ++ : access_token
+                "Backend" --> "Backend" : Validate token
+                "Backend" --> "Backend" : Check user in internal backend database
+                "Backend" x-[#red]> "Client" -- : 404 Not found
+            end
+
+            deactivate "Client"
+        @enduml
+
+Configuration
+-------------
+
+.. autopydantic_model:: syncmaster.backend.settings.auth.dummy.DummyAuthProviderSettings
+.. autopydantic_model:: syncmaster.backend.settings.auth.jwt.JWTSettings
diff --git a/docs/backend/auth/index.rst b/docs/backend/auth/index.rst
@@ -0,0 +1,21 @@
+.. _backend-auth-providers:
+
+Auth Providers
+==============
+
+Syncmaster supports different auth provider implementations. You can change implementation via settings:
+
+.. autopydantic_model:: keycloak.backend.settings.auth.AuthSettings
+
+.. toctree::
+    :maxdepth: 2
+    :caption: Auth providers
+
+    dummy
+    keycloak
+
+.. toctree::
+    :maxdepth: 2
+    :caption: For developers
+
+    custom
diff --git a/docs/backend/auth/keycloak.rst b/docs/backend/auth/keycloak.rst
@@ -0,0 +1,26 @@
+.. _backend-auth-ldap:
+
+KeyCloak Auth provider
+==================
+
+Description
+-----------
+
+TODO:
+
+Strategies
+----------
+
+TODO:
+
+Interaction schema
+------------------
+
+TODO:
+
+Basic configuration
+-------------------
+
+.. autopydantic_model:: syncmaster.settings.auth.keycloak.KeycloakProviderSettings
+.. autopydantic_model:: syncmaster.settings.auth.jwt.JWTSettings
+
diff --git a/docs/backend/install.rst b/docs/backend/install.rst
@@ -123,6 +123,6 @@ To start backend server you need to execute following command:
 
 .. code-block:: console
 
-    $ python -m horizon.backend --host 0.0.0.0 --port 8000
+    $ python -m syncmaster.backend --host 0.0.0.0 --port 8000
 
 After server is started and ready, open http://localhost:8000/docs.
diff --git a/docs/changelog/next_release/123.feature.rst b/docs/changelog/next_release/123.feature.rst
@@ -0,0 +1 @@
+TODO
diff --git a/docs/index.rst b/docs/index.rst
@@ -16,6 +16,7 @@
 
     backend/install
     backend/architecture
+    backend/auth/index
     backend/openapi
     backend/configuration/index
 
diff --git a/syncmaster/backend/providers/auth/base_provider.py b/syncmaster/backend/providers/auth/base_provider.py
@@ -20,7 +20,7 @@ class AuthProvider(ABC):
     @abstractmethod
     def setup(cls, app: FastAPI) -> FastAPI:
         """
-        This method is called by :obj:`horizon.backend.application_factory`.
+        This method is called by :obj:`syncmaster.backend.application_factory`.
 
         Here you should add dependency overrides for auth provider,
         and return new ``app`` object.
@@ -32,7 +32,7 @@ def setup(cls, app: FastAPI) -> FastAPI:
 
             from fastapi import FastAPI
             from my_awesome_auth_provider.settings import MyAwesomeAuthProviderSettings
-            from horizon.backend.dependencies import Stub
+            from syncmaster.backend.dependencies import Stub
 
             class MyAwesomeAuthProvider(AuthProvider):
                 def setup(app):
@@ -63,7 +63,7 @@ async def get_current_user(self, access_token: Any, *args, **kwargs) -> User:
 
         Returns
         -------
-        :obj:`horizon.backend.db.models.User`
+        :obj:`syncmaster.backend.db.models.User`
             Current user object
         """
         ...
