allsource_core/
api_v1.rs

1/// v1.0 API router with authentication and multi-tenancy
2use crate::auth::AuthManager;
3use crate::auth_api::*;
4use crate::middleware::{auth_middleware, rate_limit_middleware, AuthState, RateLimitState};
5use crate::rate_limit::RateLimiter;
6use crate::store::EventStore;
7use crate::tenant::TenantManager;
8use crate::tenant_api::*;
9use axum::{
10    middleware,
11    routing::{delete, get, post, put},
12    Router,
13};
14use std::sync::Arc;
15use tower_http::cors::{Any, CorsLayer};
16use tower_http::trace::TraceLayer;
17
18/// Unified application state for all handlers
19#[derive(Clone)]
20pub struct AppState {
21    pub store: Arc<EventStore>,
22    pub auth_manager: Arc<AuthManager>,
23    pub tenant_manager: Arc<TenantManager>,
24}
25
26// Enable extracting Arc<EventStore> from AppState
27// This allows handlers that expect State<Arc<EventStore>> to work with AppState
28impl axum::extract::FromRef<AppState> for Arc<EventStore> {
29    fn from_ref(state: &AppState) -> Self {
30        state.store.clone()
31    }
32}
33
34pub async fn serve_v1(
35    store: Arc<EventStore>,
36    auth_manager: Arc<AuthManager>,
37    tenant_manager: Arc<TenantManager>,
38    rate_limiter: Arc<RateLimiter>,
39    addr: &str,
40) -> anyhow::Result<()> {
41    let app_state = AppState {
42        store,
43        auth_manager: auth_manager.clone(),
44        tenant_manager,
45    };
46
47    let auth_state = AuthState {
48        auth_manager: auth_manager.clone(),
49    };
50
51    let rate_limit_state = RateLimitState {
52        rate_limiter,
53    };
54
55    let app = Router::new()
56        // Public routes (no auth)
57        .route("/health", get(crate::api::health))
58        .route("/metrics", get(crate::api::prometheus_metrics))
59        // Auth routes
60        .route("/api/v1/auth/register", post(register_handler))
61        .route("/api/v1/auth/login", post(login_handler))
62        .route("/api/v1/auth/me", get(me_handler))
63        .route("/api/v1/auth/api-keys", post(create_api_key_handler))
64        .route("/api/v1/auth/api-keys", get(list_api_keys_handler))
65        .route("/api/v1/auth/api-keys/:id", delete(revoke_api_key_handler))
66        .route("/api/v1/auth/users", get(list_users_handler))
67        .route("/api/v1/auth/users/:id", delete(delete_user_handler))
68        // Tenant routes (protected)
69        .route("/api/v1/tenants", post(create_tenant_handler))
70        .route("/api/v1/tenants", get(list_tenants_handler))
71        .route("/api/v1/tenants/:id", get(get_tenant_handler))
72        .route("/api/v1/tenants/:id/stats", get(get_tenant_stats_handler))
73        .route("/api/v1/tenants/:id/quotas", put(update_quotas_handler))
74        .route("/api/v1/tenants/:id/deactivate", post(deactivate_tenant_handler))
75        .route("/api/v1/tenants/:id/activate", post(activate_tenant_handler))
76        .route("/api/v1/tenants/:id", delete(delete_tenant_handler))
77        // Event and data routes (protected by auth)
78        .route("/api/v1/events", post(crate::api::ingest_event))
79        .route("/api/v1/events/query", get(crate::api::query_events))
80        .route("/api/v1/events/stream", get(crate::api::events_websocket))
81        .route("/api/v1/entities/:entity_id/state", get(crate::api::get_entity_state))
82        .route("/api/v1/entities/:entity_id/snapshot", get(crate::api::get_entity_snapshot))
83        .route("/api/v1/stats", get(crate::api::get_stats))
84        // Analytics
85        .route("/api/v1/analytics/frequency", get(crate::api::analytics_frequency))
86        .route("/api/v1/analytics/summary", get(crate::api::analytics_summary))
87        .route("/api/v1/analytics/correlation", get(crate::api::analytics_correlation))
88        // Snapshots
89        .route("/api/v1/snapshots", post(crate::api::create_snapshot))
90        .route("/api/v1/snapshots", get(crate::api::list_snapshots))
91        .route("/api/v1/snapshots/:entity_id/latest", get(crate::api::get_latest_snapshot))
92        // Compaction
93        .route("/api/v1/compaction/trigger", post(crate::api::trigger_compaction))
94        .route("/api/v1/compaction/stats", get(crate::api::compaction_stats))
95        // Schemas
96        .route("/api/v1/schemas", post(crate::api::register_schema))
97        .route("/api/v1/schemas", get(crate::api::list_subjects))
98        .route("/api/v1/schemas/:subject", get(crate::api::get_schema))
99        .route("/api/v1/schemas/:subject/versions", get(crate::api::list_schema_versions))
100        .route("/api/v1/schemas/validate", post(crate::api::validate_event_schema))
101        .route("/api/v1/schemas/:subject/compatibility", put(crate::api::set_compatibility_mode))
102        // Replay
103        .route("/api/v1/replay", post(crate::api::start_replay))
104        .route("/api/v1/replay", get(crate::api::list_replays))
105        .route("/api/v1/replay/:replay_id", get(crate::api::get_replay_progress))
106        .route("/api/v1/replay/:replay_id/cancel", post(crate::api::cancel_replay))
107        .route("/api/v1/replay/:replay_id", delete(crate::api::delete_replay))
108        // Pipelines
109        .route("/api/v1/pipelines", post(crate::api::register_pipeline))
110        .route("/api/v1/pipelines", get(crate::api::list_pipelines))
111        .route("/api/v1/pipelines/stats", get(crate::api::all_pipeline_stats))
112        .route("/api/v1/pipelines/:pipeline_id", get(crate::api::get_pipeline))
113        .route("/api/v1/pipelines/:pipeline_id", delete(crate::api::remove_pipeline))
114        .route("/api/v1/pipelines/:pipeline_id/stats", get(crate::api::get_pipeline_stats))
115        .route("/api/v1/pipelines/:pipeline_id/reset", put(crate::api::reset_pipeline))
116        .with_state(app_state)
117        .layer(middleware::from_fn_with_state(auth_state, auth_middleware))
118        .layer(middleware::from_fn_with_state(rate_limit_state, rate_limit_middleware))
119        .layer(
120            CorsLayer::new()
121                .allow_origin(Any)
122                .allow_methods(Any)
123                .allow_headers(Any),
124        )
125        .layer(TraceLayer::new_for_http());
126
127    let listener = tokio::net::TcpListener::bind(addr).await?;
128    axum::serve(listener, app).await?;
129
130    Ok(())
131}