xTr1m/GameList
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add OpenAPI contract and generated frontend client

Browse Source
This commit is contained in:
Frank Tovar
2026-02-18 21:25:07 +01:00
parent e55a1b01f4
commit 1802fd6607
19 changed files with 1509 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
API.md
View File

@@ -2,6 +2,8 @@
All endpoints are JSON. Most routes require the HttpOnly `player` cookie issued after register/login. Admin access is granted only via an authenticated admin user session (`IsAdmin=true` on the account).
Auth and admin-sensitive routes are rate-limited and return HTTP `429` on excessive requests.
The machine-readable source of truth is the generated OpenAPI document at `openapi/GameList.json` (runtime endpoint: `GET /openapi/v1.json`).
Frontend API calls are generated from that document into `wwwroot/js/api-client.generated.js` via `npm run generate:api-client`.
## Auth
POST /api/auth/register — accepts optional `adminKey` to set `IsAdmin=true` only for bootstrap of the first admin account