Package dev.dokimos.server.controller.v1

Class ApiKeyController

java.lang.Object

dev.dokimos.server.controller.v1.ApiKeyController

@RestController
@RequestMapping("/api/v1/api-keys")
public class ApiKeyController
extends Object

Manages scoped API keys. Every write here requires an ADMIN principal, enforced by ApiKeyAuthFilter. Create returns the raw generated key exactly once; all other responses carry metadata only.

Constructor Summary

Constructors

Constructor	Description
ApiKeyController(ApiKeyService apiKeyService)

Method Summary

Modifier and Type	Method	Description
org.springframework.http.ResponseEntity<CreatedApiKeyView>	createApiKey(@Valid CreateApiKeyRequest request)	Mints a key.
void	deleteApiKey(UUID id)	Permanently deletes a key.
ApiKeyView	disableApiKey(UUID id)	Disables a key so it can no longer authenticate.
List<ApiKeyView>	listApiKeys()	Lists every key as metadata only; the raw key is never returned.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ApiKeyController

public ApiKeyController(ApiKeyService apiKeyService)

Method Details

createApiKey

@PostMapping
public org.springframework.http.ResponseEntity<CreatedApiKeyView> createApiKey(@Valid @RequestBody
 @Valid CreateApiKeyRequest request)

Mints a key. Returns 201 with a Location header and the raw key in the body; the raw key is never retrievable again.

listApiKeys

@GetMapping
public List<ApiKeyView> listApiKeys()

Lists every key as metadata only; the raw key is never returned.

disableApiKey

@PostMapping("/{id}/disable")
public ApiKeyView disableApiKey(@PathVariable
 UUID id)

Disables a key so it can no longer authenticate. Returns 404 if it does not exist.

deleteApiKey

@DeleteMapping("/{id}")
@ResponseStatus(NO_CONTENT)
public void deleteApiKey(@PathVariable
 UUID id)

Permanently deletes a key. Returns 404 if it does not exist.