oauth2-api/README.md

# SecNex OAuth2 API

## Configuration

### Environment Variables

| Variable | Description | Default Value |
|----------|-------------|---------------|
| ENV | Environment | development |
| UNPROTECTED_ENDPOINTS | Unprotected endpoints | |
| DEBUG | Debug mode | false |
| FIBER_SHOW_STARTUP_MESSAGE | Show startup message | false |
| CORS_ALLOW_ORIGINS | CORS allow origins | * |
| CORS_ALLOW_HEADERS | CORS allow headers | Origin, Content-Type, Accept |
| CORS_ALLOW_METHODS | CORS allow methods | GET, POST, PUT, DELETE |
| ADDRESS | Address | :3000 |
| DATABASE_HOST | Database host | localhost |
| DATABASE_PORT | Database port | 5432 |
| DATABASE_USER | Database user | postgres |
| DATABASE_PASSWORD | Database password | postgres |
| DATABASE_NAME | Database name | secnex |
| REDIS_HOST | Redis host | localhost |
| REDIS_PORT | Redis port | 6379 |
| REDIS_PASSWORD | Redis password | |
| JWT_SECRET | JWT secret | your-256-bit-secret |

### Development Environment Variables

| Variable | Description | Default Value |
|----------|-------------|---------------|
| UNPROTECTED_ENDPOINTS | Unprotected endpoints | /api_keys |

## API Endpoints

### Create API Key

```bash
curl -X GET http://localhost:3000/api_keys
```

### Login

```bash
curl -X POST http://localhost:3000/login -d '{"username": "admin", "password": "admin"}'
```

### Register

```bash
curl -X POST http://localhost:3000/register -d '{"username": "admin", "password": "admin"}'
```

### Session Info

```bash
curl -X POST http://localhost:3000/session/info -d '{"token": "your-token"}'
```

### Create API Key

```bash
curl -X GET http://localhost:3000/api_keys
```

***Note:*** The API key can be created only in development environment without authentication. Use the header `Authorization: Bearer <api-key>` to authenticate the requests in other environments.